Security Affairs

MAY 5, 2020

GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. ” reads the data breach notice submitted by the company.

Data breaches 132

Data breaches Accountability Advertising Internet 132

Security Affairs

DECEMBER 16, 2019

Another year is ending and this is the right time to discover which are the worst passwords of 2019 by analyzing data leaked in various data breaches. Independent anonymous researchers, compiled and shared with security firm NordPass a list of 200 most popular passwords that were leaked in data breaches during 2019.

Passwords 92

Passwords Data breaches Password Management Advertising 92

Security Affairs

JULY 7, 2019

Yesterday, July 6, 2019, hackers breached the GitHub account of Canonical Ltd., On July 6, 2019, hackers have breached the GitHub account of Canonical Ltd., Hackers at least created 11 new GitHub repositories in compromised Canonical account. the company behind the Ubuntu Linux distribution. Pierluigi Paganini.

Accountability 109

Accountability Advertising Cryptocurrency Hacking 109

Security Affairs

AUGUST 25, 2019

BadPackets experts observed on August 22 a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.

VPN 103

VPN Advertising Hacking Government 103

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability 91

Accountability Hacking Financial Services Cybersecurity 91

Security Affairs

JUNE 2, 2021

Feedback message data contained Account id, feedback rating given, and users’ email addresses. Player profile data included Player id; username; country; total money spent on the game; and even Facebook, Apple, and Google account data if the user linked either account with their game account. What Data Was Leaked?

Data breaches 109

Data breaches Accountability Mobile Phishing 109

Security Affairs

JULY 11, 2019

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by Buhtrap threat actor to target a government organization in Eastern Europe. Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, including two privilege escalation flaws actively exploited in the wild. 86 billion RUB ($27.4M

Government 88

Government Advertising Passwords Banking 88

Security Affairs

JANUARY 7, 2020

Security experts have found a malicious app in the Google Play that exploits the recently patched CVE-2019-2215 zero-day vulnerability. Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a zero-day vulnerability , tracked as CVE-2019-2215 , in Android. ” reads a blog post published by Stone.

Surveillance 91

Surveillance Advertising Marketing Encryption 91

Security Affairs

JANUARY 9, 2020

Threat actors are probing Citrix servers in the attempt to exploit the CVE-2019-19781 remote code execution vulnerability. Security researchers are warning of ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers affected by the CVE-2019-19781 vulnerabilities.

Technology 69

Technology Advertising Internet Internet 69

Security Affairs

JULY 28, 2019

According to a report published by cyber security firm Sixgill data for over 23 million payment card were on offer in underground forums in the first half of 2019. . More than 15 million payment card were issued in the US, no other nation accounted for more than 10 percent of stolen card numbers. AMEX accounted for 12 percent.

eCommerce 102

eCommerce Marketing Advertising Retail 102

Security Affairs

FEBRUARY 4, 2020

At the time it is not clear the number of impacted users, anyway, the company sent them a security notification. The company only confirmed that “one or more videos in your Google Photos account was affected by this issue.” The technical issue remained active between 21st November and 25th November 2019. Whoa, what?

Advertising 84

Advertising Accountability Data breaches Information Security 84

Security Affairs

AUGUST 14, 2019

Microsoft Patches Over 90 Vulnerabilities With August 2019 Updates. Microsoft Patch Tuesday security updates for August 2019 address more than 90 flaws, including two new ‘ wormable ‘ issues in Windows Remote Desktop Services. ” reads the security advisory for the CVE-2019-1181.”An

Authentication 89

Authentication Advertising Internet Internet 89

Security Affairs

DECEMBER 11, 2019

Microsoft’s December 2019 Patch Tuesday updates fix a total of 36 flaws, including CVE-2019-1458 Windows zero-day exploited in North Korea-linked attacks. Microsoft’s December 2019 Patch Tuesday updates address a total of 36 flaws, including a Windows zero-day, tracked as CVE-2019-1458 exploited in attacks linked to North Korea.

Advertising 66

Advertising Cybercrime Hacking Accountability 66

Security Affairs

DECEMBER 28, 2019

In September Zynga, the American social game developer running social video game services suffered a data breach that 173 Million accounts. Gnosticplayers revealed that he had access to data belonging to all Android and iOS game players who installed and signed up for the ‘Words With Friends’ game before 2nd September 2019.

Accountability 69

Accountability Hacking Data breaches Passwords 69

Security Affairs

SEPTEMBER 10, 2019

The Instagram account of Robert Downey Jr. has been hacked, he is the last celebrity in order of time that had the social media accounts compromised. Instagram account has been hacked, in this case the attacker did not publish offensive messages, but attempted to monetize their efforts by posting fake giveaways for Apple products.

Accountability 86

Accountability Hacking Advertising Scams 86

Security Affairs

NOVEMBER 13, 2019

Microsoft’s Patch Tuesday updates for November 2019 address over 70 flaws, including an Internet Explorer issue (CVE-2019-1429) that has been exploited in attacks in the wild. Microsoft doesn’t provide any information on the nature of the active attacks, it only pointed out that they are likely limited at this time.

Internet 69

Internet Internet Engineering Advertising 69

Security Affairs

DECEMBER 10, 2019

Microsoft revealed that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking. Microsoft discovered that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking because of using of compromised passwords. Pierluigi Paganini.

Accountability 90

Accountability Hacking Passwords Advertising 90

Security Affairs

AUGUST 31, 2019

Hackers compromised the Twitter account of Jack Dorsey, CEO at Twitter, and published and retweeted offensive and racist messages. No one is secure online, news of the day is that hackers compromised the Twitter account of Jack Dorsey, CEO at Twitter and co-founder, and published and retweeted offensive and racist tweets.

Accountability 84

Accountability Hacking Mobile Advertising 84

Security Affairs

JULY 9, 2019

Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, 14 rated as Critical, 62 as Important, and only 1 as Moderate in severity. Microsoft released Patch Tuesday updates for July 2019 that address a total of 77 vulnerabilities, 14 rated as Critical, 62 as Important, and only 1 as Moderate in severity.

Advertising 66

Advertising Internet Internet Hacking 66

Security Affairs

OCTOBER 7, 2019

On September 23, Microsoft released an out-of-band patch to address a zero-day memory corruption flaw in Internet Explorer ( CVE-2019-1367 ) that has been exploited in attacks in the wild. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. “. Pierluigi Paganini.

Internet 66

Internet Internet Engineering Advertising 66

Security Affairs

OCTOBER 10, 2020

In March, Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019. Users who aren’t yet enrolled can join to the program using their phone’s built-in security (available with an Android 7.0+

Accountability 81

Accountability Malware Phishing Advertising 81

Security Affairs

JANUARY 8, 2020

A flaw in the popular TikTok app could allow attackers to hijack any user account just by knowing the mobile number of the victim. All free accounts are by default public, only subscribers could restrict the access to the accounts’ content. TikTok is a social media app that allows its users to create and share short form videos.

Accountability 74

Accountability Mobile Advertising Media 74

Security Affairs

JANUARY 27, 2020

Security experts from Kaspersky Lab revealed that the Shlayer malware was the most widespread macOS threat in 2019. According to Kaspersky, in 2019, one in ten of our Mac security solutions encountered this malware at least once. The post Which was the most common threat to macOS devices in 2019? up to 10.14.3.

Adware 72

Adware Malware Social Engineering Advertising 72

Security Affairs

MARCH 30, 2024

The company believes that leaked data are from 2019 or earlier. Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders.”

Data breaches 137

Data breaches Telecommunications Cybercrime Hacking 137

Security Affairs

AUGUST 14, 2019

SAP released Security Patch Day updates for August 2019 that address three critical vulnerabilities in the company’s products. SAP has released the Security Patch Day for August, this month the company addresses several flaws, including three critical vulnerabilities (Hot News), the highest number of critical flaws since 2014.

Advertising 72

Advertising Accountability Hacking Information Security 72

Security Affairs

OCTOBER 30, 2019

Network Solutions, one of the world’s biggest domain registrars, disclosed a data breach that impacted 22 million accounts. Network Solutions , one of the world’s biggest domain registrars, disclosed a data breach that may have impacted 22 million accounts, no financial data was exposed. ” continues the notice.

Data breaches 58

Data breaches Accountability Advertising Encryption 58

Security Affairs

JULY 31, 2021

Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were breached by the Russia-linked SVR group as part of the SolarWinds hack, DoJ warns. The APT is believed to have access to compromised accounts from approximately May 7 to December 27, 2020. ” reads the update provided by DoJ.

Accountability 116

Accountability Hacking Information Security Government 116

Security Affairs

APRIL 10, 2024

The company speculates that leaked data are from 2019 or earlier. “The information varied by individual and account, but may have included full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and AT&T passcode.” AT&T told CNN.

Data breaches 108

Data breaches Telecommunications Identity Theft Hacking 108

Security Affairs

MARCH 23, 2020

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. The ads published by the sellers claim that the data were stolen from Weibo in mid-2019.

Accountability 119

Accountability Passwords Advertising Internet 119

Security Affairs

FEBRUARY 1, 2024

Once hijacked a SIM, the attacker can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones. ” reads the press release published by DoJ.

Cryptocurrency 114

Cryptocurrency Computers and Electronics Accountability Scams 114

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications 99

Telecommunications Authentication Passwords Accountability 99

SC Magazine

JULY 9, 2021

An OIG audit found security gaps in the NIH and CMS enterprise risk management (ERM) programs. The Centers for Medicare and Medicaid Services enterprise risk management policies and procedures do not account for national security risks. Credit: Duane Lempke, CC0, via Wikimedia Commons).

Risk 69

Risk Accountability Media Information Security 69

Security Affairs

JANUARY 7, 2024

Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns. The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities.

Media 119

Media Accountability Telecommunications Government 119

Security Affairs

SEPTEMBER 12, 2023

Anonymous Sudan launched a DDoS attack against Telegram after the company suspended the account of the group. The hacker collective Anonymous Sudan (aka Storm-1359) has launched a distributed denial-of-service (DDoS) attack against Telegram in retaliation for the suspension of their primary account. ” reported SOCRadar.

DDOS 119

DDOS Accountability InfoSec Hacking 119

Security Affairs

APRIL 3, 2021

Leaked data includes users’ phone numbers, Facebook IDs, full names, locations, birthdates, bios, and for some accounts the associated email addresses. The data was amassed by threat actors by exploiting a vulnerability fixed in 2019 that allowed data scraping from the social network.

Hacking 138

Hacking Accountability Passwords Data breaches 138

Security Affairs

MARCH 20, 2020

In May 2019, the experts noticed that the group started using hacked email addresses of numerous high-profile targets to send credential spam messages. The group was observed using this scheme between 2019 and 2020, and according to the experts, most of the compromised email accounts belong to defense companies in the Middle East.

Phishing 142

Phishing Accountability Advertising DNS 142

Security Affairs

NOVEMBER 20, 2020

was hit again by a massive cyberattack that may have caused the leakage of information related to its business partners. 20 said they were checking the 8,653 accounts of those it has business transactions with to determine if information related to bank accounts of the other parties as well as other information leaked.”

Banking 120

Banking Cyber Attacks Accountability Media 120