Krebs on Security

JUNE 27, 2023

Joseph James “PlugwalkJoe” O’Connor , a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter , has been sentenced to five years in a U.S. 02, 2020, pitching O’Connor as a cryptocurrency expert and advisor. I haven’t done anything.”

Cryptocurrency 223

Cryptocurrency Accountability Mobile Hacking 223

Security Affairs

SEPTEMBER 30, 2020

More than 247,000 Microsoft Exchange servers are still vulnerable to attacks exploiting the CVE-2020-0688 RCE issue impacting Exchange Server. The CVE-2020-0688 vulnerability resides in the Exchange Control Panel (ECP) component, the root cause of the problem is that Exchange servers fail to properly create unique keys at install time.

Advertising 100

Advertising Authentication Hacking Accountability 100

Google Security

APRIL 21, 2021

Additionally, in 2020, Google Play Protect scanned over 100B installed apps each day for malware across billions of devices. These guidelines help promote user transparency and developer accountability by providing users with relevant information about the app. We also banned 119k malicious and spammy developer accounts.

Data privacy 124

Data privacy Healthcare Education Accountability 124

Security Affairs

AUGUST 7, 2020

Google published its second Threat Analysis Group (TAG) report which reveals the company has taken down ten coordinated operations in Q2 2020. Google has published its second Threat Analysis Group (TAG) report , a bulletin that includes coordinated influence operation campaigns tracked in Q2 of 2020. response to COVID-19.

Accountability 93

Accountability Advertising Media Government 93

Security Affairs

FEBRUARY 24, 2020

Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. Well that's a big old yikes from @SlickWraps pic.twitter.com/28SOEMIBZ9 — Toneman (@Toneman) February 21, 2020. ” reported Slashgear. . ” reported Slashgear.

Accountability 92

Accountability Data breaches Passwords Advertising 92

Security Boulevard

NOVEMBER 2, 2022

Dear blog readers, Do you know a lot about information security cybercrime research OSINT and threat intelligence gathering including cyber threat actors research? Who is Dancho Danchev and what is Dancho Danchev's Blog? The post Who Wants to Become a Guest Blogger At This Blog? Stay tuned!

Cybercrime 52

Cybercrime InfoSec Cyber threats Accountability 52

Heimadal Security

APRIL 19, 2021

Since December 2020, Vermont Health Connect, a leader in healthcare reform, received multiple complaints from its customers reporting logging in to find someone else’s information on their account. At […].

Data breaches 52

Data breaches Healthcare Accountability Account Security 52

Security Affairs

MARCH 14, 2020

Slack addressed a critical flaw within 24 hours from its disclosure, the issue allowed attackers to carry out automate account takeover. The researcher Evan Custodio discovered a critical vulnerability in Slack that could have allowed attackers to launch automate account takeover. TE-based hijack onto neighboring customer requests.”

Accountability 114

Accountability Advertising Data breaches Hacking 114

Thales Cloud Protection & Licensing

JANUARY 28, 2020

January 28, 2020 marks the 13th iteration of Data Privacy Day. These controls should include the use of multi-factor authentication (MFA) to safeguard users’ accounts even in the event that threat actors succeed in compromising their credentials. Its aim is to foster dialogue around the importance of privacy.

Data privacy 150

Data privacy Unstructured Data Encryption Identity Theft 150

Security Affairs

FEBRUARY 24, 2020

According to legitimate sources, Portuguese banking teams have detected irregular accesses to banking portals usually carried out through compromised accounts via the Lampion infections. Crooks are using compromised devices to access the banking portal in order to make online bank transfers to accounts they are controlling. com/P-14-7.dll

Malware 78

Malware Banking Antivirus Advertising 78

Krebs on Security

JULY 14, 2020

Top of the heap this month in terms of outright scariness is CVE-2020-1350 , which concerns a remotely exploitable bug in more or less all versions of Windows Server that attackers could use to install malicious software simply by sending a specially crafted DNS request. .”

DNS 280

DNS Backups System Administration Software 280

Security Boulevard

NOVEMBER 16, 2023

The notorious SolarWinds cyber breach of 2020 is making headlines once again, and CISOs everywhere are talking about how the latest legal filings may have a lasting impact on how they do their jobs.

CISO 64

CISO Accountability 64

Krebs on Security

SEPTEMBER 30, 2023

. “Snatch threat actors have been observed purchasing previously stolen data from other ransomware variants in an attempt to further exploit victims into paying a ransom to avoid having their data released on Snatch’s extortion blog,” the FBI/CISA alert reads. was also used to register an account at the online game stalker[.]so

Ransomware 218

Ransomware Accountability Cybercrime Backups 218

McAfee

JUNE 22, 2020

The shift to working from home in early 2020 accelerated cloud use, just as it accelerated other trends like food delivery and telehealth. Through the first months of 2020 as this shift occurred, we monitored attack attempts from external threat actors on our customer’s cloud accounts , which increased 630%: . .

Cybercrime 52

Cybercrime Data breaches Education Accountability 52

Cisco Security

APRIL 22, 2021

I am excited to share with you that Cisco Secure Endpoint (formerly AMP for Endpoints) has successfully completed the 2020 MITRE Engenuity ATT&CK® Evaluation. This action accounted for over 38% of our findings during the evaluation. By contrast, a forensic snapshot can be configured to automatically trigger.

Engineering 87

Engineering Technology Architecture Accountability 87

McAfee

FEBRUARY 26, 2020

The McAfee team is proud to announce today that, for the third year in a row, McAfee was named a 2020 Gartner Peer Insights Customers’ Choice for Cloud Access Security Brokers (CASB) for its MVISION Cloud solution. rating for McAfee MVISION Cloud as of February 20, 2020. stars or higher. McAfee received 90 reviews and an overall 4.6

Marketing 73

Marketing Healthcare Accountability Technology 73

Heimadal Security

AUGUST 2, 2021

The US Department of Justice disclosed that Microsoft Office 365 email accounts of employees from 27 US Attorneys’ offices got breached by the Russian Foreign Intelligence Service (SVR) during the SolarWinds global hacking spree. The APT is believed to have access to compromised accounts from approximately May 7 to December 27, 2020.

Accountability 98

Accountability Hacking Phishing Cybersecurity 98

McAfee

MARCH 30, 2020

The McAfee team is very proud to announce today that, for the second year in a row, McAfee was named a 2020 Gartner Peer Insights Customers’ Choice for Secure Web Gateways for its Web Solution. rating out of 5, as of 28 March 2020, accordingly. stars or higher. McAfee received 138 reviews and an overall 4.5

CISO 56

CISO Marketing Accountability Malware 56

CyberSecurity Insiders

MAY 25, 2021

This blog was written by an independent guest blogger. billion in cryptocurrency was stolen by criminals in 2020, a recent report by Finaria reveals. The widespread recent implementation of stronger security measures also means crypto-criminals stole 160% more in value in 2019 than in 2020, despite the similar number of crimes.

Cryptocurrency 142

Cryptocurrency Risk Cybersecurity Marketing 142

The Last Watchdog

SEPTEMBER 25, 2023

million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association. Monitoring who has made what changes protects your business and holds team members accountable for safe IT practices. Adequate IT compliance.

Small Business 222

Small Business Cybersecurity Technology Accountability 222

Krebs on Security

NOVEMBER 21, 2020

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. .

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Anton on Security

JANUARY 3, 2023

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our fifth Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 and #4 ). Now, go and read the report!

Cybersecurity 185

Cybersecurity Backups DDOS Accountability 185

BH Consulting

NOVEMBER 10, 2020

Here’s the blog we wrote about it last year. Two lessons emerge from this incident : the first is accountability. The post Security Roundup November 2020 appeared first on BH Consulting. The ICS has published the findings in a report you can read here. Another fine mess? Eventual GDPR penalties fall short of expectations.

Data breaches 52

Data breaches Ransomware Risk Cyber Risk 52

Krebs on Security

JULY 26, 2021

02, 2020, pitching him as a trustworthy cryptocurrency expert and advisor. All of those come into play in the case of the Snapchat account of actor Bella Thorne , who was allegedly targeted by PlugwalkJoe and associates in June 2019. In this case, the SIM swap was done to wrest control over Thorne’s Snapchat account.

Media 319

Media Hacking Accountability Scams 319

Krebs on Security

APRIL 20, 2023

“Eventually, the threat actor was able to compromise both the Windows and macOS build environments,” 3CX said in an April 20 update on their blog. In many cases, the phony profiles spoofed chief information security officers at major corporations , and some attracted quite a few connections before their accounts were terminated.

Malware 281

Malware Software Technology Accountability 281

Security Affairs

MAY 27, 2022

This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations.” In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts. To nominate, please visit:?.

Cybercrime 129

Cybercrime Education Accountability Phishing 129

Krebs on Security

MARCH 1, 2022

Conti makes international news headlines each week when it publishes to its dark web blog new information stolen from ransomware victims who refuse to pay an extortion demand. Shouting “Glory for Ukraine,” the Contileaks account has since published additional Conti employee conversations from June 22, 2020 to Nov.

Ransomware 271

Ransomware Healthcare Cybercrime Government 271

Security Affairs

APRIL 10, 2023

The vendor also fixed a medium-severity reflected cross-site scripting (XSS) vulnerability tracked as CVE-2020-36692. The issue is a post-auth command injection vulnerability that resides in the exception wizard, it can allow administrators to execute arbitrary code.

Firewall 90

Firewall Education Media Hacking 90

Malwarebytes

FEBRUARY 12, 2021

In our last blog, Barcode Scanner app on Google Play infects 10 million users with one update , we wrote about a barcode scanner found on the Google Play store that was infected with Android/Trojan.HiddenAds.AdQR. Below we have the original message from LavaBird from February 10, 2020. Also, we reported that account and app to Google.

Malware 124

Malware Accountability Mobile Passwords 124

Krebs on Security

AUGUST 30, 2022

In a blog post earlier this month, Cloudflare said it detected the account takeovers and that no Cloudflare systems were compromised. 4 it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Mobile 291

Mobile Phishing Authentication Accountability 291

Security Boulevard

JUNE 11, 2021

According to the 2020 Data Breaches report by Verizon, 25% of all breaches involved the use of stolen credentials. Brute force attacks have a similar share, accounting for 18% of all breaches, and 34% of those for small businesses. Continue reading Password Attacks 101 at Sucuri Blog. And how exactly do they work?

Passwords 96

Passwords Small Business Data breaches Accountability 96

McAfee

DECEMBER 23, 2019

In the largest hack of the year , a former AWS employee exploited a misconfigured Web Application Firewall (WAF) to steal the Social Security numbers, bank account numbers, and other sensitive information of more than 100 million Capital One customers and credit card applicants. Key Actions to Take in 2020 .

Healthcare 54

Healthcare Insurance Artificial Intelligence Authentication 54

Krebs on Security

FEBRUARY 14, 2022

Wazawaka has since “lost his mind” according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists. Wazawaka, a.k.a. .”

VPN 201

VPN Ransomware Cybercrime Accountability 201

Security Affairs

MAY 2, 2023

“A number of investigations to identify additional individuals behind dark web accounts are still ongoing. Europol pointed out that the number of arrested individuals in the SpecTor operation is greater than the number of arrests for the 2020 DisrupTor and 2021 Dark HunTor (2021) law enforcement operations.

Marketing 79

Marketing Accountability Cybercrime Education 79

The Last Watchdog

DECEMBER 31, 2019

Related: The case for quantifying cyber risks The most important factor that should be taken into account is a security risk assessment. Physical security gates may also help ensure access is only granted to those with sufficient privileges. If risks are not properly assessed, providing security becomes tedious.

Cyber Risk 173

Cyber Risk Risk Firewall Surveillance 173

McAfee

MAY 12, 2020

This year, we’re proud to recognize the six outstanding individuals who have been selected by CRN to be part of the 2020 Women of the Channel (WOTC) list. In addition, in January 2020, she successfully launched a new 13 language McAfee Partner Portal. Sheri Leach – Senior Distribution Account Manager.

Marketing 52

Marketing Accountability Technology 52

Security Affairs

MAY 4, 2023

The IT giant has not addressed the issue because SPA112 2-Port phone adapters reached EoL on June 1, 2020. .” The issue was reported by CataLpa of Dbappsecurity Co., The company also warned that there are no workarounds for the CVE-2023-20126 vulnerability. “Cisco has not released firmware updates to address this vulnerability.

Firmware 84

Firmware Education Media Authentication 84