Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. ” reads the advisory published by Okta. ” continues the advisory.

VPN 114

VPN Accountability Firewall Data breaches 114

Security Affairs

APRIL 29, 2024

The agency discovered the unauthorized access on February 26, 2024 and immediately took steps to secure the impacted infrastructure and launched an investigation with the help of third-party forensics experts. The organization discovered that the unauthorized access occurred between February 14 and February 26, 2024.

Data breaches 110

Data breaches Hacking Accountability Cybercrime 110

Security Affairs

JANUARY 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN 111

VPN Cybercrime Ransomware Hacking 111

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 108

Data breaches Social Engineering Malware Hacking 108

Security Affairs

MARCH 30, 2024

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported. million former account holders.”

Data breaches 136

Data breaches Telecommunications Cybercrime Hacking 136

Security Affairs

APRIL 15, 2024

The security breach occurred on April 1, 2024, the threat actors used a Provider employee’s credentials that illicitly obtained through a phishing attack. Then they used the access to download a set of MFA SMS message logs belonging to customers’ Duo accounts. date and time of the message, type of message, etc.).”

Data breaches 119

Data breaches Social Engineering Engineering Authentication 119

Security Affairs

FEBRUARY 18, 2024

CISA: hackers breached a state government organization Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs US Gov dismantled the Moobot botnet controlled by Russia-linked APT28 A cyberattack halted operations at Varta production plants North Korea-linked actors breached the emails of a Presidential Office member Nation-state (..)

Cybercrime 100

Cybercrime Ransomware Malware Data breaches 100

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 105

Data breaches Small Business Hacking Malware 105

Security Affairs

JANUARY 28, 2024

Pro-Ukraine hackers wiped 2 petabytes of data from Russian research center Participants earned more than $1.3M

Artificial Intelligence 100

Artificial Intelligence Hacking Malware Cyber Attacks 100

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 90

Spyware Data breaches Hacking Ransomware 90

Security Affairs

FEBRUARY 23, 2024

Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. The security breach occurred on Sunday 18 February 2024, but Tangerine management became aware of the incident on Tuesday 20 February 2024. Access to the affected legacy database has also been closed.”continues

Data breaches 97

Data breaches Telecommunications Banking Mobile 97

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams 250

Scams DDOS Cryptocurrency Accountability 250

Security Affairs

MAY 13, 2024

“It is important to note that our systems are secure. We already have robust security processes in place for any account access changes, which will require you to confirm your identity using either Biometrics or Two Factor Authentication.” ” continues the notice.

Data breaches 104

Data breaches Cyber Attacks Identity Theft Banking 104

Security Affairs

FEBRUARY 25, 2024

The attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain. The attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain. This has been a tough morning for me. Two of my addresses have been compromised. In April, the U.S.

Cryptocurrency 110

Cryptocurrency Accountability Media Hacking 110

Security Affairs

MAY 1, 2024

The company discovered the security breach on March 10, 2024, the attack impacted some corporate systems. Panda Restaurant Group took immediate action to respond to the incident by securing its infrastructure and investigate the scope of the security breach with the help of third-party cybersecurity specialists.

Data breaches 116

Data breaches Identity Theft Hacking Accountability 116

Security Affairs

FEBRUARY 27, 2024

Multiple threat actors have started exploiting the recently disclosed vulnerabilities , tracked as CVE-2024-1709 (CVSS score of 10) and CVE-2024-1708 (CVSS score of 8.4), in the ConnectWise ScreenConnect software.

Ransomware 119

Ransomware Malware Software Authentication 119

Security Affairs

FEBRUARY 1, 2024

Once hijacked a SIM, the attacker can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones. ” reads the press release published by DoJ.

Cryptocurrency 111

Cryptocurrency Computers and Electronics Accountability Scams 111

Security Affairs

JANUARY 31, 2024

Larsen pointed out that the hackers compromised his personal XRP accounts, while the @Ripple was not impacted. Yesterday, there was unauthorized access to a few of my personal XRP accounts (not @Ripple ) – we were quickly able to catch the problem and notify exchanges to freeze the affected addresses.

Hacking 109

Hacking Accountability Cryptocurrency Cybercrime 109

Security Affairs

FEBRUARY 4, 2024

Notably, per additional context acquired from the actor, the majority of exposed accounts on the Dark Web didn’t have 2FA enabled. Notably, the timestamps visible on the shared screenshots by the actor illustrate successful unauthorized access with sessions dated Feb 3, 2024 (post-incident disclosure).

Scams 129

Scams Passwords Phishing Accountability 129

Security Affairs

MAY 19, 2024

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. ” states the report. ” concludes the report.

Banking 108

Banking Malware Antivirus Accountability 108

Security Affairs

MAY 21, 2024

pic.twitter.com/5OUODUt3fu — Dominic Alvieri (@AlvieriD) May 20, 2024 The gang claims to have stolen 730GB of data from ATLAS, including Corporate data: Accounts, HR, Finance, Executive, department data, and users and employees’ data. Sunoco is the largest at 8 billion gallons.

Hacking 131

Hacking Ransomware Phishing Malware 131

Security Affairs

MAY 19, 2024

They worked diligently to determine the extent of the impacted data and provided this information to the benefit plans and insurance companies on March 25, 2024. Exposed information may include name, contact information, date of birth, date of death, Social Security number, and insurance information.

Data breaches 111

Data breaches Healthcare Insurance Identity Theft 111

Security Affairs

JANUARY 3, 2024

For the tool to function, the operator must input a list of compromised email accounts to be scanned. It’s noteworthy that most of the victim accounts identified were predominantly from the U.K. This approach was used to deceive individuals into sharing sensitive information with malicious actors.

Artificial Intelligence 120

Artificial Intelligence Banking Scams Cybercrime 120

Security Boulevard

JANUARY 18, 2024

So, let’s explore what 2024 and beyond has in store for all of us in the digital world. This demand leads to the development of cybersecurity predictions which must take into account underlying drivers of the attackers, defenders, and technology where the battles will play out. 2024 Cybersecurity Predictions 1.

Risk 113

Risk Cybersecurity CISO Technology 113

Security Affairs

APRIL 10, 2024

In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported. The researchers confirmed that the leaked data is legitimate , however, it is still unclear if the information was stolen from a third-party organization linked to AT&T.

Data breaches 104

Data breaches Telecommunications Identity Theft Hacking 104

Security Affairs

JANUARY 19, 2024

” reads a Form 8-K filed with the Securities and Exchange Commission (SEC) on January 18, 2024. ” The company pointed out that it does not store Social Security numbers and financial information in its systems. million individual consumers.”

Data breaches 117

Data breaches Retail Insurance Passwords 117

Security Affairs

MARCH 7, 2024

2024 is a crucial year for Moldova; like more than 70 other countries worldwide, it will go to the polls, and the outcome will also determine the request to join the European Union. The national intelligence agency of Moldova warns of hybrid attacks from Russia ahead of the upcoming elections.

DDOS 98

DDOS Government Phishing Advertising 98

Security Affairs

DECEMBER 29, 2023

Altogether, Meduza makes a great competitor to Azorult , Redline , Racoon , and Vidar Stealer used by cybercriminals for account takeover (ATO), online-banking theft, and financial fraud. The New Year’s Update Before the New Year 2024, the Meduza team decided to please customers with an update.

Password Management 129

Password Management Cryptocurrency Passwords Authentication 129

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. and “Check bookmarks when you get account back.”

Accountability 121

Accountability Hacking Cryptocurrency Cybersecurity 121

Security Affairs

FEBRUARY 20, 2024

pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized.

Energy and Utilities 104

Energy and Utilities Ransomware Manufacturing Financial Services 104

eSecurity Planet

MAY 30, 2024

2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. million for the first three quarters of FY 2024. million patient’s information caused by a third party tracker installed on the Kaiser patient portal.

Healthcare 123

Healthcare Cybersecurity Backups Ransomware 123

Security Affairs

FEBRUARY 4, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ransomware Revenue Down As More Victims Refuse to Pay Energy giant Schneider Electric hit by Cactus ransomware attack Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web Fla.

Identity Theft 109

Identity Theft VPN Malware Ransomware 109

Security Affairs

MAY 26, 2024

million individuals North Korea-linked Kimsuky used a new Linux backdoor in recent attacks International Press – Newsletter Cybercrime Healthcare company WebTPA discloses breach affecting 2.5

Healthcare 105

Healthcare Spyware Data breaches Banking 105

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 97

Spyware Surveillance Identity Theft DDOS 97

Security Affairs

MARCH 6, 2024

Researchers warn that the cybercrime groups GhostSec and Stormous have joined forces in a new ransomware campaign. The group is not linked to the hacktivist group Ghost Security Group, which primarily focuses on counterterrorism efforts and targets pro-ISIS websites. ransomware, a Golang variant of the GhostLocker ransomware.

Ransomware 121

Ransomware Encryption Cybercrime Hacking 121

Security Affairs

MARCH 3, 2024

Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl.

Cybercrime 107

Cybercrime Retail Artificial Intelligence Hacking 107

Security Affairs

APRIL 28, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime 101

Cybercrime Spyware Data breaches Antivirus 101