Troy Hunt

NOVEMBER 7, 2018

It's just another day on the internet when the news is full of headlines about accounts being hacked. The second story was about a number of verified Twitter accounts having been "hacked" and then leveraged in Bitcoin scams. link] — Troy Hunt (@troyhunt) November 6, 2018. Stop victim blaming.

Passwords 238

Passwords Accountability Hacking Education 238

Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims. federal government portal without authorization.

Hacking 238

Hacking Government Media Accountability 238

Schneier on Security

APRIL 2, 2020

name, mailing address, email address, and phone number) Loyalty Account Information (e.g., account number and points balance, but not passwords) Additional Personal Details (e.g., This isn't nearly as bad as the 2014 Marriott breach -- made public in 2018 -- which was the work of the Chinese government.

Hacking 297

Hacking Accountability Data breaches Government 297

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] 15, 2018, the Royal Canadian Mounted Police (RCMP) charged then 27-year-old Bloom, of Thornhill, Ontario, with selling stolen personal identities online through the website LeakedSource[.]com.

Hacking 185

Hacking Accountability Data breaches Marketing 185

Security Affairs

JANUARY 20, 2019

Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device. Cisco Small Business Switch software is affected by a critical and unpatched vulnerability (CVE-2018-15439) that could be exploited by a remote, unauthenticated attacker to gain full control over the device.

Small Business 105

Small Business Hacking Accountability Software 105

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. “This guy had access to the notes, and knew the number to call,” to make changes to the account, the CEO of Escrow.com told KrebsOnSecurity.

Hacking 253

Hacking Social Engineering Phishing Scams 253

Krebs on Security

MARCH 13, 2019

[ NASDAQ: SZMK ] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. He acknowledged that the purloined account had the ability to add or modify the advertising creatives that get run on customer ad campaigns.

Accountability 205

Accountability Passwords Advertising Penetration Testing 205

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking 112

Banking Accountability Mobile Cryptocurrency 112

Security Affairs

JULY 6, 2020

employee who hacked into the accounts of thousands of users was sentenced to five years of probation. In September the former Yahoo software engineer Reyes Daniel Ruiz has admitted in court to hacking into 6,000 Yahoo! accounts back in 2018. systems for access to the accounts. Pierluigi Paganini.

Accountability 101

Accountability Advertising Hacking Engineering 101

Security Affairs

FEBRUARY 11, 2019

620 million accounts stolen from 16 hacked websites (Dubsmash, Armor Games, 500px, Whitepages, ShareThis) available for sale on the dark web. The Register revealed in exclusive that some 617 million online account details stolen from 16 hacked websites are available for sale on the dark web. “I need the money.

Accountability 102

Accountability Hacking Advertising Data breaches 102

CyberSecurity Insiders

OCTOBER 6, 2021

Twitch, the American online streaming platform, was reportedly hacked by an anonymous hacker last month who now claims to leak over 100GB data online to disrupt the future business plans of the victimized company further. The post Twitch hacked, and 100GB data stolen appeared first on Cybersecurity Insiders.

Hacking 112

Hacking Identity Theft Cyber Attacks Passwords 112

Security Affairs

MAY 27, 2021

The feds uncovered the attack in May 2021, government experts reported that the threat actors likely created an account with the username “elie” to gain persistence on the network. The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591.

VPN 123

VPN Government Hacking Accountability 123

Security Affairs

APRIL 22, 2024

The threat actors shared a portion of the stolen data with TechCrunch as proof of the hack, it includes records on current and former government officials, diplomats, and politically exposed people. Curiously, in 2011, Thomson Reuters acquired World-Check, then in October 2018, Thomson Reuters closed a deal with The Blackstone Group.

Risk 122

Risk Spyware Hacking Accountability 122

The Security Ledger

APRIL 24, 2019

billion to Internet-enabled theft, fraud and exploitation in 2018, with business e-mail compromise scams resulting in the highest of these financial losses, according to the FBI’s Internet Crime Complaint Center (IC3). The post FBI: Cybercrime Accounted for $2.7B in Losses in 2018 appeared first on The Security Ledger.

Cybercrime 40

Cybercrime Accountability Scams Internet 40

Krebs on Security

FEBRUARY 12, 2019

11, when the company’s Twitter account started fielding reports from users who said they were no longer receiving messages. VFEmail’s Twitter account responded that “external facing systems, of differing OS’s and remote authentication, in multiple data centers are down.” 9], username “aktv.”).

Hacking 239

Hacking DDOS Backups Accountability 239

Security Affairs

AUGUST 28, 2020

A former Cisco employee has pleaded guilty to hacking charges and intentionally causing damage to the systems of his company. ” The Ramesh’s sabotage caused the shut down of over 16,000 WebEx Teams accounts for up to two weeks. SecurityAffairs – hacking, hacking). Pierluigi Paganini.

Hacking 126

Hacking Advertising Accountability Risk 126

Krebs on Security

FEBRUARY 13, 2019

In an ironic twist, the accused — who had fairly well separated his real life identity from his online personas — appears to have been caught after a gaming Web site he frequented got hacked. 12, the U.S. Justice Department announced the arrest of Timothy Dalton Vaughn , a 20-year-old from Winston-Salem, N.C.

Hacking 200

Hacking DDOS Government Accountability 200

Security Affairs

SEPTEMBER 19, 2018

In the first six months of 2018, the experts observed a number of malware samples that was up three times as many samples targeting IoT devices as in the whole of 2017. “As we see, in Q2 2018 the leader by number of unique IP addresses from which Telnet password attacks originated was Brazil (23%). ” reads the report.

IoT 84

IoT Passwords Malware Advertising 84

Security Affairs

FEBRUARY 23, 2021

Twitter removed dozens of accounts allegedly used by Russia-linked threat actors to disseminate disinformation and target western countries. Twitter has removed dozens of accounts used by Russia-linked threat actors that were used to disseminate disinformation and to target the European Union, the United States, and the NATO alliance.

Accountability 83

Accountability Government Internet Internet 83

Security Affairs

NOVEMBER 10, 2021

Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China. In August 2020, Chinese hackers gained access to around 6,000 email accounts belonging to at least 10 Taiwan government agencies, officials said. SecurityAffairs – hacking, Taiwan Government).

Government 132

Government Hacking Cyber Attacks Information Security 132

Krebs on Security

OCTOBER 15, 2019

“ BriansClub ,” one of the largest underground stores for buying stolen credit card data, has itself been hacked. million cards added; 2018 brought in 9.2 Correct subject would be the data center was hacked. The leaked data shows that in 2015, BriansClub added just 1.7 million card records for sale. million more.

Hacking 202

Hacking Cybercrime Marketing Banking 202

Security Affairs

AUGUST 8, 2020

Chinese researchers discovered tens of vulnerabilities in a Mercedes-Benz E-Class, including issues that can be exploited to remotely hack it. The research began in 2018 and in August 2019, the experts reported their findings to Daimler, which owns the Mercedes-Benz. SecurityAffairs – hacking, Mercedes). Pierluigi Paganini.

Hacking 145

Hacking Advertising Mobile Engineering 145

Security Affairs

APRIL 5, 2020

OGUsers, one of the most popular hacking forums, was hacked again, it is the second security breach it has suffered in a year. The popular hacking forum OGUsers was hacked again, it is the second security breach it has suffered in a year, the news was first reported by ZDNet. SecurityAffairs – OGUsers forum, hacking).

Hacking 110

Hacking Data breaches Advertising Backups 110

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. In almost any database leak, the first accounts listed are usually the administrators and early core members. The Facebook account for Aleksey Safronov. A “Djamix” account on the forum privetsochi[.]ru

Cybercrime 237

Cybercrime Accountability Identity Theft Hacking 237

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. 13, 2018 and Mar. 28, 2018, a claim Citrix initially denied but later acknowledged.

VPN 353

VPN Passwords Software Telecommunications 353

Security Affairs

JULY 7, 2019

Yesterday, July 6, 2019, hackers breached the GitHub account of Canonical Ltd., On July 6, 2019, hackers have breached the GitHub account of Canonical Ltd., Hackers at least created 11 new GitHub repositories in compromised Canonical account. SecurityAffairs – hacking, Ubuntu). ” states the Canonical team.

Accountability 109

Accountability Advertising Cryptocurrency Hacking 109

Security Affairs

DECEMBER 12, 2018

Experts from Kaspersky Lab reported that that the recently patched Windows kernel zero-day vulnerability ( CVE-2018-8611 ) has been exploited by several threat actors. Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. Pierluigi Paganini.

Spyware 102

Spyware Advertising Accountability Malware 102

Security Affairs

NOVEMBER 27, 2019

billion in 2018. According to the data breach notification sent via email by Adobe to its customers, the hackers exploited a vulnerability in the Marketplace website to access account information for registered users. The company did not disclose the number of impacted accounts. Source ZDnet. Pierluigi Paganini.

Hacking 111

Hacking Data breaches Advertising Accountability 111

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. That’s Gartner’s estimate of global spending on cybersecurity in 2017 and 2018. This quickly gets intricately technical.

Hacking 176

Hacking Energy and Utilities System Administration Accountability 176

Security Affairs

JUNE 4, 2020

The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. In January 2018 Coincheck was hacked and attackers stole $400 million. In January 2018 Coincheck was hacked and attackers stole $400 million.

Accountability 95

Accountability Phishing DNS Cryptocurrency 95

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. According to Forbes, “the first half of 2018 was marked by an increase in API-related data breaches, with the 10 largest companies reporting the loss of 63 million personal records.”

Hacking 197

Hacking Penetration Testing Data breaches Authentication 197

Krebs on Security

JULY 26, 2021

One day after last summer’s mass-hack of Twitter , KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been involved in the incident. From there, the attackers can reset the password for any online account that allows password resets via SMS. When the U.S.

Media 305

Media Hacking Accountability Scams 305

Adam Levin

JULY 8, 2020

Hackers were also quick to pounce on the disruption caused by the 2018 shutdown of the U.S. ” Hacking campaigns exploiting poor domain name security can be more subtle. Hackers posing as Coincheck.com employees contacted the company’s customers and requested their account credentials. What Can Be Done?

Hacking 130

Hacking Retail Cyber Insurance Authentication 130

Krebs on Security

JUNE 21, 2021

While documenting each device that needs protection is a necessary first step, a number of recent cyberattacks on water treatment systems have been blamed on a failure to properly secure water treatment employee accounts that can be used for remote access. and briefly increased the amount of sodium hydroxide (a.k.a. Image: WaterISAC.

Hacking 317

Hacking Cybersecurity Accountability Technology 317

Security Affairs

MARCH 18, 2019

billion bad ads in 2018, including 58.8 Google introduced 31 new ads policies in 2018, aiming at protecting users from scams and other fraudulent activities (i.e. Some of the policies added by Google in 2018 include the ban of ads from for-profit bail bond providers that were abused for taking advantage of vulnerable communities.

Phishing 86

Phishing Advertising Scams Cryptocurrency 86

Krebs on Security

DECEMBER 1, 2020

“In early 2018, Vaughn demanded 1.5 As KrebsOnSecurity noted in 2019 , Vaughn’s identity was revealed by following the trail of clues from a gaming website he used that later got hacked. Timothy Dalton Vaughn from Winston-Salem, N.C. attorney for the Central District of California. Federal judge Otis D.

DDOS 239

DDOS Mobile Hacking Encryption 239

Security Affairs

SEPTEMBER 2, 2019

Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. Earlier in August, Poshmark , a social commerce marketplace where people in the United States can buy and sell new or used clothing, shoes, and accessories, disclosed a data breach that took place in May 2018.

Accountability 88

Accountability Data breaches Passwords Advertising 88