Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The service now includes credentials for 441K accounts stolen by the popular info-stealer. RS is the key source of identity data sold on online criminal forums since its initial release in early 2020.

Accountability 132

Accountability Malware Data breaches Passwords 132

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability 82

Accountability Hacking Financial Services Cybersecurity 82

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. 22, 2020, the U.S. On Sunday, Feb. ” GAP #1.

Ransomware 271

Ransomware Healthcare Cybercrime Government 271

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Secure web- phishing. In the first six months of 2020, CERT-GIB blocked a total of 9 304 phishing web resources, which is an increase of 9 percent compared to the previous year.

Phishing 103

Phishing Ransomware Spyware Banking 103

Security Affairs

JUNE 13, 2023

A database containing the personal information of more than 8.9 million Zacks Investment Research users was leaked on a cybercrime forum. A database containing personal information of 8,929,503 Zacks Investment Research users emerged on a popular hacking forum on June 10, 2023. ” reported HIBP.

Data breaches 85

Data breaches Passwords Cybercrime Encryption 85

Security Affairs

OCTOBER 30, 2023

Persad and his co-conspirators hacked the email accounts of the victims, hijacked their cell phone numbers, and took over their online cryptocurrency accounts. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Cryptocurrency 115

Cryptocurrency Accountability Hacking Cybercrime 115

Security Affairs

APRIL 24, 2020

Nintendo has disconnected the NNID legacy login system from main Nintendo profiles after it has discovered a massive account hijacking campaign. The gaming giant Nintendo announced that hackers gained accessed at least 160,000 user accounts as part of an account hijacking campaign since early April. ” reported ZDNet.

Accountability 99

Accountability Passwords Data breaches Advertising 99

Security Affairs

FEBRUARY 18, 2024

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders U.S.

Cybercrime 97

Cybercrime Ransomware Malware Data breaches 97

Security Affairs

OCTOBER 13, 2021

In that case, take into account a conviction, criminal record and the loss of your computer and/or laptop.” The investigation was launched in 2020 after a gaming provider was hit by a DDoS attack launched via this booter service. On July 30, 2020, the police searched the homes of two suspects and seized computers and telephones.

DDOS 110

DDOS Cybercrime IoT Hacking 110

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). in May 2020. in May 2020. law enforcement, then he was extradited to the U.S.

Cybercrime 107

Cybercrime Hacking Software Phishing 107

Security Affairs

SEPTEMBER 19, 2022

AquaSec researchers observed the cybercrime gang TeamTNT hijacking servers to run Bitcoin solver since early September. In the first week of September, AquaSec researchers identified at least three different attacks targeting their honeypots, the experts associated them with the cybercrime gang TeamTNT. be on IP 93[.]95[.]229[.]203).”

Encryption 94

Encryption Cybercrime Hacking Malware 94

Security Affairs

FEBRUARY 19, 2024

In October 2020, the US Justice Department charged a Ukrainian national, Mark Sokolovsky (28), with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. The man was held in the Netherlands, and he was charged for his alleged role in the international cybercrime operation known as Raccoon Infostealer.

Identity Theft 94

Identity Theft Cryptocurrency Cybercrime Hacking 94

Security Affairs

MARCH 16, 2020

“Upon further examination, we determined that the unauthorised user appeared to have initially gained access on 9 February 2020, and could have gained access to a database in which we store user data.” ” @troyhunt pic.twitter.com/HfAwV7gtVq — Sylvia van Os (@SylvieLorxu) March 12, 2020. .”

Data breaches 105

Data breaches Passwords Advertising Accountability 105

Security Affairs

OCTOBER 30, 2020

The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. “If the original guidance is not applied, the vulnerability could allow an attacker to spoof a domain controller account that could be used to steal domain credentials and take over the domain.”

Authentication 134

Authentication Advertising Architecture Cybercrime 134

Security Affairs

SEPTEMBER 27, 2021

Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.

Cybercrime 127

Cybercrime Hacking Mobile DDOS 127

Security Affairs

MAY 26, 2021

Last week, French authorities have seized the dark web marketplace Le Monde Parallèle, it is another success of national police in the fight against cybercrime. French authorities seized the dark web marketplace Le Monde Parallèle, the operation is another success of national police in the fight against cybercrime activity in the dark web.

Cybercrime 142

Cybercrime Cryptocurrency Banking Mobile 142

Security Affairs

JULY 8, 2021

Guidehouse provides account maintenance services to Morgan Stanley’s StockPlan Connect business, hackers breached its Accellion FTA server and stole information belonging to Morgan Stanley stock plan participants. The company pointed out that exposed files did not contain passwords that could be used to access financial accounts.

Data breaches 122

Data breaches Hacking Banking Financial Services 122

Security Affairs

MAY 2, 2023

“A number of investigations to identify additional individuals behind dark web accounts are still ongoing. Europol pointed out that the number of arrested individuals in the SpecTor operation is greater than the number of arrests for the 2020 DisrupTor and 2021 Dark HunTor (2021) law enforcement operations.

Marketing 80

Marketing Accountability Cybercrime Education 80

Security Affairs

DECEMBER 29, 2021

T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. According to The T-Mo Report , which viewed T-Mobile internal documents, there was “unauthorized activity” on some customer accounts. “Affected customers fall into one of three categories. .”

Data breaches 127

Data breaches Mobile Wireless Accountability 127

Security Affairs

FEBRUARY 10, 2021

Europol investigators revealed that the cybercrime organization stole more than $100 million worth of cryptocurrency using SIM Swapping attacks. The National Crime Agency revealed that the SIM swapping attacks targeted numerous victims throughout 2020, including well-known influencers, sports stars, musicians, and their families.

Cybercrime 82

Cybercrime Cryptocurrency Accountability Authentication 82

Security Affairs

JUNE 10, 2021

Group-IB, a global threat hunting and adversarial cyber intelligence company specializing in the investigation and prevention of high-tech cybercrime, has published a comprehensive analysis of fraud cases on a global scale. . Insurance companies around the world are now suffering from phishing.

Scams 96

Scams Banking Retail Insurance 96

Security Affairs

JUNE 16, 2023

The US authorities arrested the man in Arizona last month DoJ states that from at least as early as August 2020 to March 2023, Astamirov and other members of the LockBit ransomware gang committed wire fraud and compromised many computer systems worldwide attempting to extort the victims of ransomware attacks. organizations since 2020.

Ransomware 85

Ransomware Healthcare Education Government 85

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. Nikulin also hacked into an employee account of a Formspring engineer and used it to access the company network between June 13, 2012, and June 29, 2012.

Hacking 79

Hacking Cybercrime Data breaches Advertising 79

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. billion euros in 2020 alone. The German authorities reported that around 17 million customers and over 19,000 seller accounts were registered on the Hydra Market.

Marketing 104

Marketing Cybercrime Advertising Hacking 104

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. billion euros in 2020 alone. The German authorities reported that around 17 million customers and over 19,000 seller accounts were registered on the Hydra Market.

Marketing 90

Marketing Cybercrime Advertising Hacking 90

Security Affairs

FEBRUARY 10, 2022

. “The Federal Bureau of Investigation is issuing this announcement to inform mobile carriers and the public of the increasing use of Subscriber Identity Module (SIM) swapping by criminals to steal money from fiat and virtual currency accounts.” Use a variation of unique passwords to access online accounts.

Mobile 91

Mobile Cryptocurrency Authentication Accountability 91

Security Affairs

FEBRUARY 13, 2022

. “As of January 2022, we’ve now identified just over $692 million in 2020 ransomware payments — nearly double the amount we initially identified at the time of writing last year’s report.” However, experts added that the true total for both 2020 and 2021 is likely to be much higher. added the company.

Ransomware 89

Ransomware Cryptocurrency Cybercrime Malware 89

Security Affairs

APRIL 21, 2024

The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269. Following initial access, threat actors were observed exploiting domain controller’ functions by generating new domain accounts to establish persistence. In some attacks, threat actors created an administrative account named itadm.

Ransomware 107

Ransomware Encryption Antivirus VPN 107

Security Affairs

NOVEMBER 9, 2021

Then a malicious image is downloaded from Docker Hub accounts under the control of the threat actors. Trend Micro discovered one of the primary Docker Hub accounts (“alpineos”) actively used by TeamTNT and having a total of more than 150,000 pulls of malicious images. ” reads the analysis published by Trend Micro.

Cryptocurrency 100

Cryptocurrency Malware Cybercrime Architecture 100

Security Affairs

JANUARY 30, 2023

Sports fashion retail JD Sports discloses a data breach that explosed data of about 10M customers who placed orders between 2018 and 2020. UK sports fashion chain JD Sports disclosed a data breach that exposed customer data from orders placed between November 2018 and October 2020. The affected JD Sports group brands are JD, Size?,

Data breaches 90

Data breaches Retail Passwords Scams 90

Security Affairs

FEBRUARY 27, 2023

Compromised data include names, addresses, telephone numbers, dates of birth, bank account numbers, credit cards, passwords, license plates, citizen service numbers or passport data. “You don’t just get access to information at DIVD, so he played it very cleverly,” the anonymous source told NOS.

Cybercrime 90

Cybercrime Identity Theft Hacking Scams 90

Security Boulevard

NOVEMBER 2, 2022

Dear blog readers, Do you know a lot about information security cybercrime research OSINT and threat intelligence gathering including cyber threat actors research? 2020-2022 | Lovely Horse Participant | Slashdotted Two Times | Ex-ZDNet | Ex-Webroot | Won Jessy H.

Cybercrime 52

Cybercrime InfoSec Cyber threats Accountability 52

Security Affairs

NOVEMBER 22, 2021

million of its managed WordPress customer accounts. Threat actors compromised the company network since at least September 6, 2021, but the security breach was only discovered by the company on November 17. ” said Demetrius Comes, GoDaddy’s Chief Information Security Officer.

Data breaches 122

Data breaches Passwords Accountability Phishing 122

Security Affairs

MARCH 18, 2020

The websites were informed by some affected TrueFire customers which shared details the data breach notification they received from the company. “On January 10, 2020, TrueFire discovered that an unauthorised person gained access to our computer system and, more specifically, to information that consumers had entered through the website.

Hacking 100

Hacking Data breaches Advertising Accountability 100

Security Affairs

JUNE 7, 2020

The Indian video on demand giant ZEE5 has been hacked, attackers are threatening to sell the database on the cybercrime underground markets. In early April, the researcher Ax Sharma published a post on Medium about a dataset with some 1,023 compromised ZEE5 Premium accounts for an online streaming service. ” reported Tagade.

Hacking 106

Hacking Cybercrime Advertising Passwords 106

Security Affairs

MAY 30, 2021

Interpol has intercepted $83 million in illicit funds transferred from victims to the accounts used by crooks. More than 1,600 bank accounts around the world were frozen throughout the course of the operation. The company transferred nearly USD 7 million to the fraudster through bank accounts in Indonesia and Hong Kong, China.

Banking 133

Banking Accountability Scams Phishing 133

Security Affairs

OCTOBER 17, 2022

As soon the company became aware of the security breach it blocked access to all affected systems. . In September 2020, 80% of MyDeal were acquired by Woolworths, anyway Woolworths was not impacted by the security breach. Payment, drivers licence, or passport details were accessed because MyDeal does not store this information.

Retail 115

Retail Data breaches Passwords Accountability 115