Account Security, Accountability and Information Security

Report: Healthcare haunted by account security

SC Magazine

MARCH 30, 2021

The healthcare sector’s information security could use a check up. According to a new study by Varonis that tracked 3 billion files across 58 health care firms, one in five files were visible to all employees – including one in eight containing sensitive information. It is not really keeping up with that trust.”

Healthcare

Healthcare Account Security Accountability Risk

Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.

Internet

Internet Internet Accountability Passwords

Instagram implements ‘Security Checkup’ to help users recover compromised accounts

Security Affairs

JULY 18, 2021

Instagram introduced a new security feature dubbed “Security Checkup” to help users to recover their accounts that have been compromised. “Today, we’re launching Security Checkup, a new feature to help people keep their Instagram accounts secure. . ” states the company.

Accountability

Accountability Authentication Scams Hacking

Webinars

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

MORE WEBINARS

A critical flaw in wpDiscuz WordPress plugin lets hackers take over hosting account

Security Affairs

AUGUST 2, 2020

A critical flaw in the wpDiscuz WordPress plugin could be exploited by remote attackers to execute arbitrary code and take over the hosting account. Security experts from Wordfence discovered a critical vulnerability impacting the wpDiscuz WordPress plugin that is installed on over 80,000 sites. Pierluigi Paganini.

Accountability

Accountability Advertising Account Security Hacking

Hackers are actively exploiting a Zero-Day in WordPress ThemeREX Plugin to create Admin Accounts

Security Affairs

FEBRUARY 19, 2020

A new flaw was discovered in a WordPress plugin, this time experts found a zero-day vulnerability in the ThemeREX Addons to create admin accounts. Security experts from WordFence have discovered a zero-day vulnerability in the ThemeREX Addons that was actively exploited by hackers in the wild to create user accounts with admin permissions.

Accountability

Accountability Advertising Account Security Authentication

Twitter Fined $150 Million for Misuse of 2FA User Data

SecureWorld News

MAY 26, 2022

Federal Trade Commission (FTC) and the Department of Justice (DOJ) charged Twitter with a $150 million penalty for " deceptively using account security data for targeted advertising.". Twitter, like many other social media websites, asks users to provide their phone number and email address to better protect their account.

Advertising

Advertising Media Accountability Account Security

Robinhood data breach exposes 7 Million users’ information

Security Affairs

NOVEMBER 9, 2021

Robinhood disclosed a security breach, an unidentified threat actor gained unauthorized access to approximately 7 million customer records. is an American commission-free stock trading and investing platform, it had 18 million accounts as of March 2021, with over $80 billion in assets. Robinhood Markets , Inc.

Data breaches

Data breaches Accountability Account Security Banking

MailChimp breached, intruders conducted phishing attacks against crypto customers

Security Affairs

APRIL 4, 2022

A threat actor gained access to a tool used by the company’s customer support and account administration teams. “We acted swiftly to address the situation by terminating access for the compromised employee accounts and took steps to prevent additional employees from being affected,” Smyth said.

Phishing

Phishing Data breaches Cryptocurrency Social Engineering

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

Security Affairs

JUNE 5, 2022

“CertiK analysis reveals that this community manager, account –@BorisVagner (“BorisVagner | SBS” on Discord)– posted a message to BAYC’s Discord server with a phishing link that led to the fake site. At this time it is unclear how the attackers have hacked the community manager’s account.

Phishing

Phishing Hacking Accountability Scams

Plex discloses data breach and urges password reset

Security Affairs

AUGUST 24, 2022

In response to the unauthorized access to its database, the company urges all its users to immediately reset account passwords and log out of all devices connected to its service. The company is urging all users to immediately reset account passwords and log out of all devices connected to its service. Pierluigi Paganini.

Data breaches

Data breaches Passwords Media Accountability

2FA bypass in cPanel potentially exposes tens of millions of websites to hack

Security Affairs

NOVEMBER 24, 2020

Researchers discovered a major issue in cPanel that could be exploited by attackers to bypass two-factor authentication for cPanel accounts. Security researchers from Digital Defense have discovered a major security issue in cPanel , a popular software suite that facilitates the management of a web hosting server.

Hacking

Hacking Authentication Accountability Software

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones. .

Mobile

Mobile Telecommunications Data breaches Identity Theft

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

The content of the message attempt to trick the recipient into scanning the code to verify their account. “Email lures came in the form of updating account security surrounding 2FA, MFA, and general account security. The emails urge the recipient to complete the procedure in 2-3 days.

Phishing

Phishing Energy and Utilities Insurance Manufacturing

Nude photo theft offers lessons in selfie security

Malwarebytes

FEBRUARY 12, 2021

Two former college graduates are in a lot of trouble after breaking into other students’ accounts and stealing sensitive personal data. Working with another former graduate, he accessed the school email accounts of dozens of college students and stole private nude photographs. What happened? Many of the images were then shared.

Identity Theft

Identity Theft Social Engineering Passwords Accountability

Poloniex forces password reset following a data leak

Security Affairs

JANUARY 2, 2020

shared a screenshot of the data breach notification email sent by the trading platform to its users, the message said that almost all of the leaked accounts don’t belong to Poloniex accounts. . Please reset your password for account security — Poloniex Customer Support (@PoloSupport) December 30, 2019.

Passwords

Passwords Cryptocurrency Data breaches Advertising

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

This specific campaign accounted for 86% of the batch of warnings that the Google team sent out for this month. At some point, some government-backed entity probably will try to send you something,” he added while urging users to review account security settings,”. ” Huntley added. “At

Phishing

Phishing Government Hacking Accountability

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

ARCHIPELAGO “browser-in-the-browser” phishing page The ARCHIPELAGO group has shifted its phishing tactics over time to avoid detection, the attackers use phishing messages posing as Google account security alerts.

Phishing

Phishing Media Passwords Malware

CISO workshop slides

Notice Bored

AUGUST 5, 2022

Security Posture suggests a confusing mix of application and account security metrics. I'm really not sure what ' security posture ' even means in this context, and curious as to why those two aspects in particular have been selected as example metrics.

CISO

CISO Risk Artificial Intelligence Marketing

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Security Affairs

APRIL 17, 2020

Below the recommendations provided by Google: “Admins can look at Google-recommended defenses on our advanced phishing and malware protection page, and may choose to enable the security sandbox. ” concludes Google. “Users should: . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Malware Government Small Business

Twitter announces measures to protect accounts of people involved in 2020 Presidential election

Security Affairs

SEPTEMBER 18, 2020

Twitter announced that it will adopt new security measures to protect high-profile accounts during the upcoming election in the United States. Twitter announced new measures to protect high-profile accounts during the upcoming US Presidential election. ” reads the post published by the company.

Accountability

Accountability Passwords Advertising Hacking

How to Secure Google Drive

Spinone

MARCH 25, 2019

There are quite a few things that can be done to greatly improve the security of Google Drive, in general, using both built-in technologies provided by Google as well as practical steps. This splitting up of the required components of authentication helps to bolster the security of your Google account.

Backups

Backups Accountability Authentication Passwords

Updated: Data of 400 Million Twitter users up for sale

Security Affairs

DECEMBER 25, 2022

The seller claims the database is private, he provided a sample of 1,000 accounts as proof of claims which included the private information of prominent users such as Donald Trump JR, Brian Krebs, and many more. A threat actor claims they have obtained data of 400,000,000 Twitter users and is attempting to sell it.

Data breaches

Data breaches Accountability Advertising Hacking

Data of 400 Million Twitter users up for sale

Security Affairs

DECEMBER 25, 2022

The seller claims the database is private, he provided a sample of 1,000 accounts as proof of claims which included the private information of prominent users such as Donald Trump JR, Brian Krebs, and many more. A threat actor claims they have obtained data of 400,000,000 Twitter users and is attempting to sell it.

Data breaches

Data breaches Accountability Advertising Hacking

Google reveals that foreign hackers are already targeting Trump and Biden campaigns

Security Affairs

JUNE 5, 2020

We recommend everyone associated with political campaigns enroll in our Advanced Protection Program , which bundles all our strongest Google Account security options together.” ” reads a post published by Google in February.

Advertising

Advertising Accountability Phishing Account Security

Cyber Security Informer

Report: Healthcare haunted by account security

Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

Webinars

Trending Sources

Instagram implements ‘Security Checkup’ to help users recover compromised accounts

Webinars

A critical flaw in wpDiscuz WordPress plugin lets hackers take over hosting account

Hackers are actively exploiting a Zero-Day in WordPress ThemeREX Plugin to create Admin Accounts

Twitter Fined $150 Million for Misuse of 2FA User Data

Robinhood data breach exposes 7 Million users’ information

MailChimp breached, intruders conducted phishing attacks against crypto customers

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

Plex discloses data breach and urges password reset

2FA bypass in cPanel potentially exposes tens of millions of websites to hack

T-Mobile customers were hit with SIM swapping attacks

A massive phishing campaign using QR codes targets the energy sector

Nude photo theft offers lessons in selfie security

Poloniex forces password reset following a data leak

Google warns of APT28 attack attempts against 14,000 Gmail users

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

CISO workshop slides

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Twitter announces measures to protect accounts of people involved in 2020 Presidential election

How to Secure Google Drive

Updated: Data of 400 Million Twitter users up for sale

Data of 400 Million Twitter users up for sale

Google reveals that foreign hackers are already targeting Trump and Biden campaigns

Stay Connected