Security Affairs

MARCH 7, 2023

The security breach suffered by LastPass was caused by the failure to update Plex on the home computer of one of its engineers. LastPass revealed that the home computer of one of its DevOp engineers was hacked as part of a sophisticated cyberattack.

Software 98

Software Hacking Data breaches Media 98

Security Affairs

OCTOBER 4, 2020

HP released a security advisory that includes details for three critical and high severity vulnerabilities, tracked as CVE-2020-6925, CVE-2020-6926, and CVE-2020-6927, that impact the HP Device Manager. Base Score CVE-2020-6925 Weak Cipher All versions of HP Device Manager 7.0

Hacking 137

Hacking Accountability Passwords InfoSec 137

Security Affairs

APRIL 14, 2020

Quidd , the online marketplace for trading stickers, cards, toys, and other collectibles, discloses a data breach in has suffered in 2019, it is also recommending users to change their passwords. The data breach was first reported by Risk Based Security last week, since then, Quidd has never disclosed any data breach recent security incident.

Accountability 141

Accountability Hacking Data breaches Passwords 141

Security Affairs

JUNE 28, 2020

Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack. ” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media 143

Media Hacking Passwords Data breaches 143

Security Affairs

MARCH 22, 2021

The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering and integration sector in 2020. Kaspersky ICS CERT published a report that provided details about the threat landscape for ICS engineering and integration sector in 2020. In H2 2020, 39.3%

Engineering 134

Engineering VPN Accountability Software 134

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. “All Call of Duty players should be on notice after a major Activision hack has left millions of accounts in limbo.” Change your Activision account passwords and add 2FA immediately.

Hacking 117

Hacking Data breaches Accountability Passwords 117

Security Affairs

NOVEMBER 2, 2020

Oracle issued an out-of-band security update to address a critical remote code execution issue (CVE-2020-14750) impacting multiple Oracle WebLogic Server versions. The advisory states that this vulnerability is related to the CVE-2020-14882 flaw that was addressed in the October 2020 Critical Patch Update. . 12.2.1.4.0,

Advertising 105

Advertising Authentication Passwords Hacking 105

Security Affairs

DECEMBER 11, 2020

The streaming service added that exposed data included Spotify account registration information such as user display name and password, email address, date of birth, and gender. SecurityAffairs – hacking, data leak). We apologize for any inconvenience this may cause” continues the notice. Pierluigi Paganini.

Passwords 111

Passwords Accountability Hacking Data breaches 111

Security Affairs

FEBRUARY 27, 2021

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ?A breach #infosec #deepwebnews @FinanzasEc @EcuCERT_EC pic.twitter.com/WTbXz8EYLx — Security Chronicle (@SecurChronicle) February 23, 2021. Pierluigi Paganini.

Hacking 140

Hacking Banking Ransomware Passwords 140

Security Affairs

JULY 8, 2020

Early June, researchers at F5 Networks have addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

Advertising 129

Advertising InfoSec Government Healthcare 129

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. The SFO ITT urges anyone who even visited either website using the Internet Explorer web browser to change the device’s password. SecurityAffairs – hacking, data breach).

Data breaches 144

Data breaches Hacking Telecommunications Passwords 144

Security Affairs

APRIL 1, 2020

The popular Zoom app is under scrutiny, experts have discovered a vulnerability that could be exploited to steal users’ Windows passwords. Security experts and privacy advocates believe that the Zoom is an efficient online video communication platform, but evidently it has some serious privacy and security solutions.

Passwords 120

Passwords Advertising Hacking Software 120

Security Affairs

JULY 14, 2020

The company confirmed the security breach over the weekend, it revealed that unknown threat actors accessed a partner’s systems in June stealing user information. The company confirmed that the an investigation into the hack is still ongoing. million users’ data and 3 million cracked username password combinations.

Hacking 105

Hacking Data breaches Identity Theft Advertising 105

Daniel Miessler

MAY 19, 2020

TOPIC: In this episode, Daniel takes a look at the 2020 Verizon Data Breach Investigations Report. 45% of breaches involved Hacking. Hacking, social, and malware have fallen the most. The top malware type is Password Dumper, because it really is about getting those creds. Hacking types and vectors. Key numbers.

Data breaches 130

Data breaches Phishing Malware Hacking 130

Security Affairs

APRIL 3, 2020

Bad news for Apple iPhone or MacBook users, attackers could hack their device’s camera by tricking them into visiting a website. The ethical hacker Ryan Pickren demonstrated that it is possible to hack Apple iPhone or MacBook users by simply tricking them into visiting a website with the Safari browser. Pierluigi Paganini.

Hacking 138

Hacking Passwords Advertising Mobile 138

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. “The harsh and unfortunate reality is the security of a number of security companies is s**t,” Arena said.

Hacking 342

Hacking Ransomware Banking Accountability 342

Security Affairs

FEBRUARY 13, 2020

The popular Italian hacktivist collective LulzSec ITA claimed via Twitter to have hacked three Italian universities. The popular Italian hacktivist collective LulzSec ITA has announced via Twitter the hack of three Italian universities, highlighting the importance of the cybersecurity for our society. Pierluigi Paganini.

Hacking 138

Hacking Data breaches Advertising Education 138

Security Affairs

JANUARY 21, 2021

With a simple Google search, anyone could have found the password to one of the compromised, stolen email addresses: a gift to every opportunistic attacker.” If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, phishing). ” continues the post.

Phishing 131

Phishing Passwords Healthcare Manufacturing 131

Security Affairs

JUNE 7, 2020

The Indian video on demand giant ZEE5 has been hacked, attackers are threatening to sell the database on the cybercrime underground markets. Now, Kanishk Tagade from Quickcyber confirmed the hack of the Indian video streaming giant. . “A person or a hacking group claiming to have gained access to the network of ZEE5.com,

Hacking 111

Hacking Cybercrime Advertising Passwords 111

Security Affairs

JULY 25, 2020

CISA is warning of the active exploitation of the unauthenticated remote code execution CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. “This Alert also provides additional detection measures and mitigations for victim organizations to help recover from attacks resulting from CVE-2020-5902.

Advertising 117

Advertising Government Healthcare Education 117

Security Affairs

JUNE 20, 2021

No reliable technical findings have been made of what information was transferred, but the investigation shows that there were probably usernames and passwords associated with employees in various state administration offices. SecurityAffairs – hacking, APT31). Follow me on Twitter: @securityaffairs and Facebook.

Government 133

Government Hacking Cyber Attacks Passwords 133

Security Affairs

APRIL 19, 2020

A hacker has leaked the usernames and passwords of nearly 23 million players of Webkinz World on a well-known hacking forum. . “ZDNet has learned that details about the vulnerability have been circulating online before today’s leak for months, both on hacking forums and on online IM chat groups.”

Hacking 118

Hacking Passwords Data breaches Advertising 118

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” SecurityAffairs – hacking, ransomware).

Ransomware 142

Ransomware Hacking Malware Encryption 142

Security Affairs

DECEMBER 24, 2020

91541, 91534 CVE-2014-1812 05/13/2014 Microsoft Windows Group Policy Preferences Password Elevation of Privilege Vulnerability (KB2962486) 9 91148, 90951 CVE-2020-0688 02/11/2020 Microsoft Exchange Server Security Update for February 2020 8.8 SecurityAffairs – hacking, SolarWinds). million out of 7.54

Hacking 115

Hacking Cyber Attacks Passwords Software 115

Security Affairs

NOVEMBER 4, 2020

Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Ahead of the 2020 Presidential election a mysterious transaction was noticed by cyber security experts and researchers. SecurityAffairs – hacking, BitCoin wallet). Pierluigi Paganini.

Cryptocurrency 142

Cryptocurrency Passwords Advertising Hacking 142

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The hack of the FTA server took place in March, but the hacker had access to the data of Morgan Stanley customers in May. ” reads the letter.

Data breaches 122

Data breaches Hacking Banking Financial Services 122

Security Affairs

MAY 16, 2022

A 28-year-old Ukrainian national has been sentenced to four years in prison for selling access to hacked servers. The man was arrested in Poland in October 2020 and pleaded guilty to his charges in February. Ivanov-Tolpintsev was charged with conspiracy, trafficking in unauthorized access devices, and trafficking in computer passwords.

Hacking 90

Hacking Passwords Government Accountability 90

Security Affairs

JUNE 30, 2020

A threat actor is selling databases containing data belonging to 14 different companies he claimed were hacked in 2020. The list of companies allegedly hacked include food delivery services, soccer streaming services, fashion and game sites, and loans. Company # of records Alleged Breach Date DarkThrone 282,825 June 2020 Efun 2.2

Data breaches 143

Data breaches Hacking Passwords Risk 143

Security Affairs

OCTOBER 23, 2020

Officials said the group has been targeting dozens of US state, local, territorial, and tribal (SLTT) government networks since at least February 2020. Energetic Bear successfully compromised the infrastructure and as of October 1, 2020, exfiltrated data from at least two victim servers. SecurityAffairs – hacking, Energetic Bear).

Government 125

Government Hacking Advertising Passwords 125

Security Affairs

NOVEMBER 11, 2021

The hacked server was used by the company to manage customer information for the Queensland water supplier. The security breach took place between August 2020 and May 2021, the intrusion has been attributed to a financially motivated attacker that deployed a custom implant to redirect visitor traffic to an online video platform.

Hacking 96

Hacking Passwords Government Security Awareness 96

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. In early 2020, several cybercriminals groups followed suit.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

JUNE 13, 2023

A database containing the personal information of more than 8.9 A database containing personal information of 8,929,503 Zacks Investment Research users emerged on a popular hacking forum on June 10, 2023. HIBP pointed out that the most recent record in the leaked database is dated May 2020. ” reported HIBP.

Data breaches 94

Data breaches Passwords Cybercrime Encryption 94

Security Affairs

MAY 6, 2020

The analysis of creation data for the records in the database revealed that the last creation date is January 26th, 2020, a circumstance that suggests that the hack took place in the same period. SecurityAffairs – Unacademy, hacking). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Accountability 105

Accountability Hacking Data breaches Advertising 105

Security Affairs

APRIL 14, 2024

Australian Federal Police reported that an Australian man and a man based in the US will appear in court, following the international investigation that began in 2020. The Australian man developed and sold Firebird to customers on a dedicated hacking forum. The Australian man faces twelve counts of computer offenses.

Computers and Electronics 120

Computers and Electronics Advertising Cryptocurrency Malware 120

Security Affairs

DECEMBER 21, 2020

Critical vulnerabilities tracked as CVE-2020-29492 and CVE-2020-29491 affect several Dell Wyse thin client models that could be exploited by a remote attacker to execute malicious code and gain access to arbitrary files. Both CVE-2020-29492 and CVE-2020-29491 reside in the ThinOS operating system that runs on Dell Wyse thin clients.

Hacking 105

Hacking Firmware DNS Healthcare 105

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The vulnerability, tracked as CVE-2020-29583 received a CVSS score of 7.8, of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. .

Firewall 141

Firewall VPN Firmware Passwords 141

Security Affairs

OCTOBER 6, 2019

Microsoft says that the Iran-linked cyber-espionage group tracked as Phosphorus (aka APT35 , Charming Kitten , Newscaster , and Ajax Security Team) a 2020 presidential campaign. Microsoft notified all the impacted users about the hacks and provided supports to the victims to secure their accounts. Pierluigi Paganini.

Accountability 79

Accountability Passwords Advertising Government 79