2021, Accountability and Information Security

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. Archive.org’s recollection of what altugsara dot com looked like in 2021.

Hacking

Hacking Cybercrime Advertising Data breaches

Attackers exploited SonicWall SMA appliances since January 2025

Security Affairs

APRIL 19, 2025

Threat actors are actively exploiting a remote code execution flaw in SonicWall Secure Mobile Access (SMA) appliances since January 2025. Arctic Wolf researchers warn that threat actors actively exploit a vulnerability, tracked as CVE-2021-20035 (CVSS score of 7.1), in SonicWall Secure Mobile Access (SMA) since at least January 2025.

Firewall

Firewall Passwords VPN Accountability

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

NOVEMBER 3, 2024

The operators maintain the botnet to launch distributed brute-force attacks on VPNs, Telnet, SSH, and Microsoft 365 accounts. These routers are used to relay brute-force attacks on Microsoft 365 accounts. In the majority of the campaigns, about 80 percent, CovertNetwork-1658 makes only one sign-in attempt per account per day.

Passwords

Passwords Wireless VPN Accountability

0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day

Security Affairs

NOVEMBER 28, 2021

0patch released free unofficial patches for Windows local privilege escalation zero-day ( CVE-2021-24084 ) in Windows 10, version 1809 and later. 0patch released free unofficial patches for Windows local privilege escalation zero-day (CVE-2021-24084) in Windows 10, version 1809 and later. Pierluigi Paganini.

Accountability

Accountability Mobile Hacking Information Security

The worst cyber attacks of 2021

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? The US Cybersecurity and Infrastructure Security Agency (CISA) also issued the Emergency Directive 21-02 in response to the disclosure of zero-day vulnerabilities in Microsoft Exchange.

Cyber Attacks

Cyber Attacks Ransomware Hacking Insurance

FlyTrap, a new Android Trojan compromised thousands of Facebook accounts

Security Affairs

AUGUST 9, 2021

Experts spotted a new Android trojan, dubbed FlyTrap, that compromised Facebook accounts of over 10,000 users in at least 144 countries since March 2021. ” Experts believe that FlyTrap belongs to a family of trojans that employ social engineering tricks to compromise Facebook accounts as part of a session hijacking campaign. .

Accountability

Accountability Social Engineering Malware Media

The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The service now includes credentials for 441K accounts stolen by the popular info-stealer. Internationally sourced data, exfiltrated in Sept and Aug 2021. Pierluigi Paganini.

Accountability

Accountability Malware Data breaches Passwords

Over 3.7 million accounts were compromised in the FlexBooker data breach

Security Affairs

JANUARY 7, 2022

million accounts. Threat actors compromised the FlexBooker accounts of more than 3.7 FlexBooker recommends users stay vigilant and review account statements and credit reports for suspicious transactions. The data breach notification service Have I Been Pwned reports that 3,756,794 accounts were compromised in the attack.

Data breaches

Data breaches Accountability Passwords Cybercrime

LockBit ransomware gang claims to have breached accountancy firm Xeinadin

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Account balances. Client legal information. Customer financials.

Accountability

Accountability Ransomware Data breaches Hacking

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. Recommendations provided in these rankings are general in nature and based on information security best practices standards and guidelines, such as OWASP and NIST.

Passwords

Passwords Authentication Architecture Risk

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware

Ransomware Firmware Antivirus Accountability

DUCKTAIL operation targets Facebook’s Business and Ad accounts

Security Affairs

JULY 27, 2022

Researchers uncovered an ongoing operation, codenamed DUCKTAIL that targets Facebook Business and Ad Accounts. Researchers from WithSecure (formerly F-Secure Business) have discovered an ongoing operation, named DUCKTAIL, that targets individuals and organizations that operate on Facebook’s Business and Ads platform.

Accountability

Accountability Malware Marketing Media

Box flaw allowed to bypass MFA and takeover accounts

Security Affairs

JANUARY 19, 2022

A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed threat actors to take over accounts. A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed attackers to take over accounts without having access to the victim’s phone, Varonis researchers reported.

Accountability

Accountability Authentication Passwords Data breaches

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

The security breach impacted a limited number of customers, only 836 individuals. The carrier states that personal financial account information and call records were not affected by the security breach. In February 2021, hundreds of users were hit with SIM swapping attacks.

Mobile

Mobile Telecommunications Data breaches Hacking

Recently discovered CVE-2021-3156 SUDO bug also affects macOS Big Sur

Security Affairs

FEBRUARY 3, 2021

Recently Qualys researchers found a Sudo vulnerability, tracked as CVE-2021-3156 , that has allowed any local user to gain root privileges on Unix-like operating systems without authentication. News of the day is that the CVE-2021-3156 flaw also impacts the latest version of Apple macOS Big Sur, and Apple has yet to address it.

Hacking

Hacking Authentication Accountability Cybersecurity

Announcing the winners of the 2021 GCP VRP Prize

Google Security

JUNE 3, 2022

Posted by Harshvardhan Sharma, Information Security Engineer, Google 2021 was another record-breaking year for our Vulnerability Rewards Program (VRP). 2021 saw some amazing work from the security research community. We paid a total of $8.7 million in rewards, our highest amount yet.

Engineering

Engineering Authentication Internet Internet

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant’s full name, Social Security number, address, phone number, email, and bank account number.

Banking

Banking Government Information Security Authentication

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking

Banking Accountability Mobile Cryptocurrency

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs

DECEMBER 17, 2024

The threat actors attempted to exploit multiple vulnerabilities in DVRs, including CVE-2017-7921, CVE-2018-9995 , CVE-2020-25078, CVE-2021-33044 , and CVE-2021-36260. In March 2024, threat actors behind this campaign started targeting Internet of Things (IoT) devices in the US, Australia, Canada, New Zealand, and the United Kingdom.

Architecture

Architecture Internet Internet Malware

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. The researchers noticed that the attackers also commonly employed multiple known vulnerabilities, including CVE-2023-38831 in WinRAR or CVE-2021-40444 in Windows MSHTML.

Accountability

Accountability Government Hacking Phishing

FBI, CISA, and CGCYBER warn of nation-state actors exploiting CVE-2021-40539 Zoho bug

Security Affairs

SEPTEMBER 16, 2021

The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn of state-sponsored attacks that are actively exploiting CVE-2021-40539 Zoho flaw. In early September, Zoho released a security patch to address an authentication bypass vulnerability, tracked as CVE-2021-40539, in its ManageEngine ADSelfService Plus.

Password Management

Password Management Passwords Authentication Cyber threats

China-linked APT UNC3886 exploits VMware zero-day since 2021

Security Affairs

JANUARY 19, 2024

China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. ” concludes the report.

Firewall

Firewall Accountability Malware Hacking

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021?

Security Affairs

JULY 12, 2022

Microsoft experts believe that the AiTM phishing campaign was used to target more than 10,000 organizations since September 2021. ” Once the attackers have captured the session cookie, they have injected it into their browser to skip the authentication process, even if the recipient enabled the MFA for his account.

Phishing

Phishing Authentication Social Engineering Passwords

Twitter says recently leaked user data are from 2021 breach

Security Affairs

DECEMBER 13, 2022

Twitter confirmed that the recent leak of members’ profile information resulted from the 2021 data breach disclosed in August 2022. Twitter confirmed that the recent data leak of millions of profiles resulted from the 2021 data breach that the company disclosed in August 2022. Source: Twitter account @sonoclaudio.

Data breaches

Data breaches Accountability Media Hacking

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

Botmasters and account resellers are tasked with providing initial access inside the victim’s network. For a more detailed overview we chose two of the most noteworthy Big Game Hunting ransomware in 2021. REvil operators have demanded the highest ransoms in 2021. The first one is the REvil (aka Sodinokibi) gang.

Ransomware

Ransomware Encryption Malware Cybercrime

Conti Ransomware Group Diaries, Part I: Evasion

Krebs on Security

MARCH 1, 2022

27, a new Twitter account “ Contileaks ” posted links to an archive of chat messages taken from Conti’s private communications infrastructure, dating from January 29, 2021 to the present day. The Contileaks account did not respond to requests for comment. On Sunday, Feb. ” GAP #1.

Ransomware

Ransomware Healthcare Cybercrime Government

Patch these 2 Active Directory flaws to prevent the takeover of Windows domains

Security Affairs

DECEMBER 21, 2021

Microsoft warns of a couple of Active Directory flaws fixed with the November 2021 Patch Tuesday updates that could allow takeover of Windows domains. The flaws, tracked as CVE-2021-42287 and CVE-2021-42278, can be chained to impersonate domain controllers and gain administrative privileges on Active Directory.

Accountability

Accountability Hacking Information Security

Crazy Evil gang runs over 10 highly specialized social media scams

Security Affairs

FEBRUARY 3, 2025

Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Security experts identified six Crazy Evil’s subteams, called AVLAND, TYPED, DELAND, ZOOMLAND, DEFI, and KEVLAND, which are running targeted scams for specific victim profiles.

Scams

Scams Media Cryptocurrency Cybercrime

Irish data protection commission fines Meta over 2021 data-scraping leak

Security Affairs

NOVEMBER 28, 2022

million) by the Irish data protection commission (DPC) for the data leak suffered by Facebook in 2021 that exposed the data belonging to millions of Facebook users. On April 3rd, 2021, a user leaked the phone numbers and personal data of 533 million Facebook users in a hacking forum for free online. ” reported the WSJ.

Hacking

Hacking Media Accountability Data breaches

Russian national sentenced to 40 months for selling stolen data on the dark web

Security Affairs

AUGUST 16, 2024

The 27-year-old Russian national Georgy Kavzharadze (also known as “George,” “TeRorPP,” “Torqovec,” and “PlutuSS”) has been sentenced to over three years in prison for selling financial information, login credentials, and other personal data on the dark web marketplace, Slilpp. in restitution. These credentials were linked to $1.2

Banking

Banking Accountability Retail Mobile

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

Those payments would instead be redirected to a financial account the perpetrators controlled, resulting in significant losses to victims.” By 2021, key members had founded WeCodeSolutions in Lahore, seemingly to legitimize their earnings from HeartSender. ” reads the press release published by DoJ.

Cybercrime

Cybercrime Advertising Phishing Hacking

UScellular discloses the second data breach in a year

Security Affairs

JANUARY 4, 2022

UScellular, one of the largest wireless carriers in the US, has disclosed a data breach after the hack suffered in December 2021. UScellular has disclosed a data breach after the attack that compromised the company’s billing system in December 2021. million customers in 426 markets in 23 states as of the second quarter of 2020.

Data breaches

Data breaches Wireless Accountability Retail

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

Security Affairs

JULY 10, 2021

Mint Mobile discloses a data breach, an unauthorized attacker gained access to subscribers’ account information and ported phone numbers. BleepingComputer reported that Mint Mobile has disclosed a data breach that exposed subscribers’ account information and ported phone numbers to another carrier.

Mobile

Mobile Data breaches Telecommunications Accountability

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

Amazon: €746 Million ($781 Million), 2021 In 2021, Amazon received a hefty fine for failing to secure proper consent for advertising cookies. Privacy Shield in 2020, Meta continued transferring data under a framework that was deemed insufficient to protect European citizens from U.S. government surveillance.

Data privacy

Data privacy Risk Surveillance Government

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

The Microsoft Threat Intelligence Center (MSTIC) shared the results of their analysis on the evolution of Iran-linked threat actors at the CyberWarCon 2021. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN

VPN Accountability Social Engineering Media

Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE – Smishing Triad in Action

Security Affairs

DECEMBER 10, 2024

billion (equal to USD 326 million) between 2021 and 2023. A month earlier, Dubai and Abu Dhabi Police warned citizens not to share their confidential information, including their account, card details or online banking credentials. The actors became more creative.

Phishing

Phishing Social Engineering Banking DNS

UScellular data breach: attackers ported customer phone numbers

Security Affairs

JANUARY 30, 2021

The company detected the security breach on January 6, 2021, and determined that the intrusion took place early this year, on January 4th, 2021. The malware allowed the attackers to access the CRM using the employee’s accounts and then access personal information, including phone numbers, of the company customers.

Data breaches

Data breaches Wireless Retail Accountability

An ongoing malware campaign exploits Microsoft Exchange Server flaws

Security Affairs

MAY 22, 2024

The keylogger was used to collect account credentials. According to the researchers, the malware campaign targeting MS Exchange Server has been active since at least 2021. “If your server has been compromised, identify the account data that has been stolen and delete the file where this data is stored by hackers. .

Malware

Malware Accountability Technology Hacking

New GoDaddy data breach impacted 1.2 million customers

Security Affairs

NOVEMBER 22, 2021

million of its managed WordPress customer accounts. Threat actors compromised the company network since at least September 6, 2021, but the security breach was only discovered by the company on November 17. “On November 17, 2021, we discovered unauthorized third-party access to our Managed WordPress hosting environment.”

Data breaches

Data breaches Passwords Accountability Information Security

T-Mobile suffered a new data breach

Security Affairs

DECEMBER 29, 2021

T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. According to The T-Mo Report , which viewed T-Mobile internal documents, there was “unauthorized activity” on some customer accounts. “Affected customers fall into one of three categories. .”

Data breaches

Data breaches Mobile Accountability Wireless

ChaosDB, a Critical Cosmos DB flaw affected thousands of Microsoft Azure Customers

Security Affairs

AUGUST 27, 2021

. “ #ChaosDB is an unprecedented critical vulnerability in the Azure cloud platform that allows for remote account takeover of Azure’s flagship database – Cosmos DB. ” reads the post published by the security firm, Azure Cosmos Darabase is Microsoft’s globally-distributed multi-model database service.

Accountability

Accountability Firewall Hacking Risk

Russia-linked APT Nobelium targets French diplomatic entities

Security Affairs

JUNE 21, 2024

French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information security agency ANSSI reported that Russia-linked APT Nobelium targeted French diplomatic entities. ” continues the report.

Phishing

Phishing Accountability Information Security Cyber Attacks

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

Security Affairs

SEPTEMBER 6, 2023

Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump. The attackers forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key. ” reads the analysis published by Microsoft.

Accountability

Accountability Government Authentication Hacking

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Attackers exploited SonicWall SMA appliances since January 2025

Trending Sources

Chinese threat actors use Quad7 botnet in password-spray attacks

0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day

The worst cyber attacks of 2021

FlyTrap, a new Android Trojan compromised thousands of Facebook accounts

The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware

Over 3.7 million accounts were compromised in the FlexBooker data breach

LockBit ransomware gang claims to have breached accountancy firm Xeinadin

Top 10 web application vulnerabilities in 2021–2023

Ranzy Locker ransomware hit tens of US companies in 2021

DUCKTAIL operation targets Facebook’s Business and Ad accounts

Box flaw allowed to bypass MFA and takeover accounts

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Recently discovered CVE-2021-3156 SUDO bug also affects macOS Big Sur

Announcing the winners of the 2021 GCP VRP Prize

Many Public Salesforce Sites are Leaking Private Data

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

FBI, CISA, and CGCYBER warn of nation-state actors exploiting CVE-2021-40539 Zoho bug

China-linked APT UNC3886 exploits VMware zero-day since 2021

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021?

Twitter says recently leaked user data are from 2021 breach

Ransomware world in 2021: who, how and why

Conti Ransomware Group Diaries, Part I: Evasion

Patch these 2 Active Directory flaws to prevent the takeover of Windows domains

Crazy Evil gang runs over 10 highly specialized social media scams

Irish data protection commission fines Meta over 2021 data-scraping leak

Russian national sentenced to 40 months for selling stolen data on the dark web

Law enforcement seized the domains of HeartSender cybercrime marketplaces

UScellular discloses the second data breach in a year

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

Increased GDPR Enforcement Highlights the Need for Data Security

Iran-linked APT groups continue to evolve

Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE – Smishing Triad in Action

UScellular data breach: attackers ported customer phone numbers

An ongoing malware campaign exploits Microsoft Exchange Server flaws

New GoDaddy data breach impacted 1.2 million customers

T-Mobile suffered a new data breach

ChaosDB, a Critical Cosmos DB flaw affected thousands of Microsoft Azure Customers

Russia-linked APT Nobelium targets French diplomatic entities

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

Stay Connected