Security Affairs

DECEMBER 10, 2019

Microsoft revealed that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking. Microsoft discovered that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking because of using of compromised passwords. Pierluigi Paganini.

Accountability 87

Accountability Hacking Passwords Advertising 87

Security Affairs

AUGUST 31, 2019

Hackers compromised the Twitter account of Jack Dorsey, CEO at Twitter, and published and retweeted offensive and racist messages. No one is secure online, news of the day is that hackers compromised the Twitter account of Jack Dorsey, CEO at Twitter and co-founder, and published and retweeted offensive and racist tweets.

Accountability 83

Accountability Hacking Mobile Advertising 83

Security Affairs

APRIL 3, 2021

On April 3, a user has leaked the phone numbers and personal data of 533 million Facebook users in a hacking forum for free online. Bad news for Facebook, a user in a hacking forum has published the phone numbers and personal data of 533 million Facebook users. SecurityAffairs – hacking, data leak). Pierluigi Paganini.

Hacking 139

Hacking Accountability Passwords Data breaches 139

Security Affairs

DECEMBER 28, 2019

In September Zynga, the American social game developer running social video game services suffered a data breach that 173 Million accounts. Gnosticplayers revealed that he had access to data belonging to all Android and iOS game players who installed and signed up for the ‘Words With Friends’ game before 2nd September 2019.

Accountability 66

Accountability Hacking Data breaches Passwords 66

Security Affairs

FEBRUARY 28, 2021

The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019 security breach. In 2019, the New Zealand-based cryptocurrency exchange Cryptopia discloses a cyber attack that took place on January 14th. SecurityAffairs – hacking, Cryptopia). Pierluigi Paganini.

Cryptocurrency 110

Cryptocurrency Hacking Cyber Attacks Accountability 110

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. Here we are to analyze the annual FBI 2019 Internet Crime Complaint Center (IC3) , one of the most interesting documents on the crime trends observed in the last 12 months.

Internet 115

Internet Internet Scams Cybercrime 115

Security Affairs

DECEMBER 23, 2019

Critical CVE-2019-19781 flaw in Citrix NetScaler ADC and Citrix NetScaler Gateway could be exploited to access company networks, 80,000 companies at risk worldwide. The CVE-2019-19781 vulnerability was discovered by Mikhail Klyuchnikov from Positive Technologies. SecurityAffairs – Citrix, CVE-2019-19781). Pierluigi Paganini.

Risk 98

Risk Technology Advertising Internet 98

Security Affairs

NOVEMBER 10, 2021

Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China. Cyber security department director Chien Hung-wei told parliament representatives that government infrastructure faces “five million attacks and scans a day” . Pierluigi Paganini.

Government 129

Government Hacking Cyber Attacks Information Security 129

Security Affairs

NOVEMBER 11, 2020

In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems. SecurityAffairs – hacking, Ragnar Locker ransomware). 3 that its computer systems had been sidelined by a malware attack.”

Advertising 127

Advertising Hacking Ransomware Accountability 127

Security Affairs

JULY 7, 2019

Yesterday, July 6, 2019, hackers breached the GitHub account of Canonical Ltd., On July 6, 2019, hackers have breached the GitHub account of Canonical Ltd., Hackers at least created 11 new GitHub repositories in compromised Canonical account. SecurityAffairs – hacking, Ubuntu). Pierluigi Paganini.

Accountability 108

Accountability Advertising Cryptocurrency Hacking 108

Security Affairs

MAY 27, 2021

The feds uncovered the attack in May 2021, government experts reported that the threat actors likely created an account with the username “elie” to gain persistence on the network. The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591.

VPN 123

VPN Government Hacking Accountability 123

Security Affairs

DECEMBER 16, 2019

Another year is ending and this is the right time to discover which are the worst passwords of 2019 by analyzing data leaked in various data breaches. Independent anonymous researchers, compiled and shared with security firm NordPass a list of 200 most popular passwords that were leaked in data breaches during 2019.

Passwords 90

Passwords Data breaches Password Management Advertising 90

Security Affairs

AUGUST 25, 2019

BadPackets experts observed on August 22 a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.

VPN 101

VPN Advertising Hacking Government 101

Security Affairs

JUNE 23, 2020

CLOP ransomware operators have allegedly hacked IndiaBulls Group , an Indian conglomerate headquartered in Gurgaon, India. CLOP ransomware operators have allegedly hacked the Indian conglomerate IndiaBulls Group , its primary businesses are housing finance, consumer finance, and wealth management. . Pierluigi Paganini.

Hacking 103

Hacking Ransomware Banking Mobile 103

Security Affairs

MARCH 30, 2024

In August 2021, the ShinyHunters group claimed to have a database containing private information on roughly 70 million AT&T customers, but the company denied that they had been stolen from its systems. The company believes that leaked data are from 2019 or earlier. million current AT&T account holders and approximately 65.4

Data breaches 136

Data breaches Telecommunications Cybercrime Hacking 136

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data.

Antivirus 132

Antivirus Hacking Advertising Media 132

Security Affairs

AUGUST 19, 2021

. “The exploit was partially successful, in that the attacker modified user account data on the systems to prepare for remote code execution. The flaw was disclosed by Citrix in December 2019, the experts explained that it could be exploited by attackers to access company networks. SecurityAffairs – hacking, Citrix).

Hacking 117

Hacking Firewall Accountability Technology 117

Security Affairs

JUNE 2, 2021

Feedback message data contained Account id, feedback rating given, and users’ email addresses. Player profile data included Player id; username; country; total money spent on the game; and even Facebook, Apple, and Google account data if the user linked either account with their game account. What Data Was Leaked?

Data breaches 109

Data breaches Accountability Mobile Phishing 109

Security Affairs

MAY 5, 2020

GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. ” reads the data breach notice submitted by the company.

Data breaches 129

Data breaches Accountability Advertising Internet 129

Security Affairs

APRIL 10, 2024

In August 2021, the ShinyHunters group claimed to have a database containing private information on roughly 70 million AT&T customers, but the company denied that they had been stolen from its systems. The company speculates that leaked data are from 2019 or earlier. AT&T told CNN. ” reads the data breach notification.

Data breaches 105

Data breaches Telecommunications Identity Theft Hacking 105

Security Affairs

JULY 31, 2021

Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were breached by the Russia-linked SVR group as part of the SolarWinds hack, DoJ warns. The APT is believed to have access to compromised accounts from approximately May 7 to December 27, 2020. SecurityAffairs – hacking, SVR ).

Accountability 117

Accountability Hacking Information Security Government 117

Security Affairs

JANUARY 7, 2020

Security experts have found a malicious app in the Google Play that exploits the recently patched CVE-2019-2215 zero-day vulnerability. Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a zero-day vulnerability , tracked as CVE-2019-2215 , in Android. ” reads a blog post published by Stone.

Surveillance 87

Surveillance Advertising Marketing Encryption 87

Security Affairs

JANUARY 9, 2020

Threat actors are probing Citrix servers in the attempt to exploit the CVE-2019-19781 remote code execution vulnerability. Security researchers are warning of ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers affected by the CVE-2019-19781 vulnerabilities.

Technology 66

Technology Advertising Internet Internet 66

Security Affairs

DECEMBER 11, 2019

Microsoft’s December 2019 Patch Tuesday updates fix a total of 36 flaws, including CVE-2019-1458 Windows zero-day exploited in North Korea-linked attacks. Microsoft’s December 2019 Patch Tuesday updates address a total of 36 flaws, including a Windows zero-day, tracked as CVE-2019-1458 exploited in attacks linked to North Korea.

Advertising 64

Advertising Cybercrime Hacking Accountability 64

Security Affairs

AUGUST 14, 2019

Microsoft Patches Over 90 Vulnerabilities With August 2019 Updates. Microsoft Patch Tuesday security updates for August 2019 address more than 90 flaws, including two new ‘ wormable ‘ issues in Windows Remote Desktop Services. ” reads the security advisory for the CVE-2019-1181.”An

Authentication 87

Authentication Advertising Internet Internet 87

Security Affairs

MARCH 18, 2020

While we do not store credit card information on our website, it appears that the unauthorized person gained access to the website and could have accessed the data of consumers who made payment card purchases while that data was being entered, between August 3, 2019 and January 14, 2020.” reads the Notice Of Data Breach.

Hacking 101

Hacking Data breaches Advertising Accountability 101

Security Affairs

SEPTEMBER 12, 2023

Anonymous Sudan launched a DDoS attack against Telegram after the company suspended the account of the group. The hacker collective Anonymous Sudan (aka Storm-1359) has launched a distributed denial-of-service (DDoS) attack against Telegram in retaliation for the suspension of their primary account. ” reported SOCRadar.

DDOS 119

DDOS Accountability InfoSec Hacking 119

Security Affairs

OCTOBER 10, 2020

In March, Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019. Users who aren’t yet enrolled can join to the program using their phone’s built-in security (available with an Android 7.0+

Accountability 78

Accountability Malware Phishing Advertising 78

Security Affairs

JULY 9, 2019

Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, 14 rated as Critical, 62 as Important, and only 1 as Moderate in severity. Microsoft released Patch Tuesday updates for July 2019 that address a total of 77 vulnerabilities, 14 rated as Critical, 62 as Important, and only 1 as Moderate in severity.

Advertising 66

Advertising Internet Internet Hacking 66

Security Affairs

JULY 11, 2019

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by Buhtrap threat actor to target a government organization in Eastern Europe. Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, including two privilege escalation flaws actively exploited in the wild. 86 billion RUB ($27.4M

Government 86

Government Advertising Passwords Banking 86

Security Affairs

OCTOBER 7, 2019

On September 23, Microsoft released an out-of-band patch to address a zero-day memory corruption flaw in Internet Explorer ( CVE-2019-1367 ) that has been exploited in attacks in the wild. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. “. Pierluigi Paganini.

Internet 65

Internet Internet Engineering Advertising 65

Security Affairs

APRIL 20, 2021

According to coordinated reports published by FireEye and Pulse Secure , two hacking groups have exploited a new zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors and government organizations worldwide. SecurityAffairs – hacking, China). Pierluigi Paganini.

VPN 116

VPN Hacking Authentication Government 116

Security Affairs

FEBRUARY 1, 2024

Once hijacked a SIM, the attacker can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones. ” reads the press release published by DoJ.

Cryptocurrency 112

Cryptocurrency Computers and Electronics Accountability Scams 112

Security Affairs

JULY 28, 2019

According to a report published by cyber security firm Sixgill data for over 23 million payment card were on offer in underground forums in the first half of 2019. . More than 15 million payment card were issued in the US, no other nation accounted for more than 10 percent of stolen card numbers. AMEX accounted for 12 percent.

eCommerce 100

eCommerce Marketing Advertising Retail 100

Security Affairs

FEBRUARY 4, 2020

At the time it is not clear the number of impacted users, anyway, the company sent them a security notification. The company only confirmed that “one or more videos in your Google Photos account was affected by this issue.” The technical issue remained active between 21st November and 25th November 2019. Whoa, what?

Advertising 82

Advertising Accountability Data breaches Information Security 82

Security Affairs

OCTOBER 30, 2019

Network Solutions, one of the world’s biggest domain registrars, disclosed a data breach that impacted 22 million accounts. Network Solutions , one of the world’s biggest domain registrars, disclosed a data breach that may have impacted 22 million accounts, no financial data was exposed. SecurityAffairs – data breach, hacking).

Data breaches 56

Data breaches Accountability Advertising Encryption 56

Security Affairs

JANUARY 8, 2020

A flaw in the popular TikTok app could allow attackers to hijack any user account just by knowing the mobile number of the victim. All free accounts are by default public, only subscribers could restrict the access to the accounts’ content. SecurityAffairs – TikTok, hacking). Pierluigi Paganini.

Accountability 71

Accountability Mobile Advertising Media 71