Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. SecurityScorecard researchers discovered a botnet of over 130,000 devices that is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide.

Passwords 122

Passwords Accountability Authentication Malware 122

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking 308

Hacking Accountability Government Social Engineering 308

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 346

Phishing Cryptocurrency Accountability Social Engineering 346

Security Affairs

JULY 2, 2025

. “A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted.”

Accountability 93

Accountability Mobile Authentication Engineering 93

Malwarebytes

APRIL 16, 2025

In a new version of the old Hello pervert emails, scammers are relying on classic email spoofing techniques to try and convince victims that they have lost control of their email account and computer systems. The scammer says they know your password or compromised your account. Often youre only allowed one day to pay.

Accountability 113

Accountability Scams Passwords Phishing 113

Krebs on Security

NOVEMBER 1, 2024

.” “That said, the phishing attacks stem from partners’ machines being compromised with malware, which has enabled them to also gain access to the partners’ accounts and to send the messages that your reader has flagged,” they continued. SecureWorks said these attacks had been going on since at least March 2023.

Phishing 287

Phishing Accountability Artificial Intelligence Cybercrime 287

Penetration Testing

JUNE 11, 2025

GitLab issues urgent updates for high-severity flaws in CE/EE, including HTML injection (account takeover) and CI/CD code injection. Upgrade to 18.0.2, immediately.

Accountability 106

Accountability Cybersecurity 106

The Hacker News

JUNE 11, 2025

Cybersecurity researchers have uncovered a new account takeover (ATO) campaign that leverages an open-source penetration testing framework called TeamFiltration to breach Microsoft Entra ID (formerly Azure Active Directory) user accounts.

Accountability 112

Accountability Penetration Testing Cybersecurity 112

Schneier on Security

NOVEMBER 6, 2024

“This scale, combined with quick operational turnover of compromised credentials between CovertNetwork-1658 and Chinese threat actors, allows for the potential of account compromises across multiple sectors and geographic regions.” The average uptime for a CovertNetwork-1658 node is approximately 90 days.

Passwords 312

Passwords IoT Accountability Internet 312

The Hacker News

JUNE 8, 2025

OpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups to assist with malware development, social media automation, and research about U.S. satellite communications technologies, among other things.

Accountability 124

Accountability Media Technology Malware 124

The Hacker News

JUNE 10, 2025

Google has stepped in to address a security flaw that could have made it possible to brute-force an account's recovery phone number, potentially exposing them to privacy and security risks. The issue, according to Singaporean security researcher "brutecat," leverages an issue in the company's account recovery feature.

Accountability 116

Accountability Risk 116

Security Affairs

JUNE 17, 2025

State-sponsored hackers compromised the email accounts of several journalists working at the Washington Post. A cyberattack, likely carried out by state-sponsored hackers, compromised the Microsoft email accounts of Washington Post journalists, including reporters covering China and national security.

Accountability 105

Accountability Cyber Attacks Media Hacking 105

Krebs on Security

OCTOBER 30, 2024

.” But in June 2024 testimony to the Senate Finance Committee, it emerged that the intruders had stolen or purchased credentials for a Citrix portal used for remote access, and that no multi-factor authentication was required for that account. Last month, Sens. Mark Warner (D-Va.) and Ron Wyden (D-Ore.) Mark Warner (D-Va.)

Healthcare 310

Healthcare Insurance Computers and Electronics Data breaches 310

Schneier on Security

JULY 1, 2025

Dozens of accounts on X that promoted Scottish independence went dark during an internet blackout in Iran. Well, that’s one way to identify fake accounts and misinformation campaigns.

Accountability 249

Accountability Internet Internet Media 249

Krebs on Security

NOVEMBER 21, 2024

That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. Click to enlarge.

Identity Theft 280

Identity Theft Phishing Cryptocurrency Accountability 280

Krebs on Security

JULY 3, 2025

But a new report finds the accused continues to operate a slew of established accounts at American tech companies — including Facebook , Github , PayPal and Twitter/X. Lizhi’s case makes clear, just because someone is sanctioned doesn’t necessarily mean big tech companies are going to suspend their online accounts.

Scams 216

Scams Accountability Government Technology 216

Schneier on Security

OCTOBER 30, 2024

Typically, I create the public and private keypair on my laptop and upload the public key to Amazon, which bakes my public key into the server’s administrator account. My laptop and that remove server are thus entangled, in that the only way to log into the server is using the key on my laptop.

Accountability 300

Accountability Risk Malware Hacking 300

Schneier on Security

FEBRUARY 19, 2025

Authentication through device code flow is designed for logging printers, smart TVs, and similar devices into accounts. Rather than authenticating the user directly, the input-constrained device displays an alphabetic or alphanumeric device code along with a link associated with the user account.

Phishing 221

Phishing Authentication Accountability Passwords 221

Krebs on Security

FEBRUARY 4, 2025

The email address used for those accounts was f.grimpe@gmail.com. Constella says that email address is tied to a Twitter/X account for Shoppy Ecommerce in Israel. Indeed, both StarkRDP and FloraiN have posted to their accounts on Telegram that there were no charges levied against the proprietors of 1337 Services GmbH.

eCommerce 232

eCommerce Cybercrime Accountability Hacking 232

The Hacker News

MAY 19, 2025

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI.

Accountability 107

Accountability Cybersecurity 107

Krebs on Security

FEBRUARY 26, 2025

At the end of 2023, malicious hackers learned that many companies had uploaded sensitive customer records to accounts at the cloud data storage service Snowflake that were protected with little more than a username and password (no multi-factor authentication needed).

Hacking 276

Hacking Government Identity Theft Accountability 276

Krebs on Security

JANUARY 22, 2025

Caturegli said while he does have an account on Bugcrowd, he has never submitted anything through the Bugcrowd program, and that he reported this issue directly to MasterCard. The Russian search giant Yandex reports this user account belongs to an “Ivan I.” MasterCard’s request to Caturegli, a.k.a.

DNS 363

DNS Internet Internet Risk 363

Malwarebytes

JUNE 23, 2025

App passwords are special 16-digit codes that Google generates to allow certain apps or devices to access your Google Account securely, especially when you have MFA enabled. Normally, when you sign in to your Google account, you use your regular password plus a second verification step like a code sent to your phone.

Authentication 144

Authentication Passwords Social Engineering Accountability 144

Schneier on Security

JUNE 25, 2025

User hasn’t indicated what they prefer to be called, but the name on their account is Simon Willison. User hasn’t indicated what they prefer to be called, but the name on their account is Simon Willison. User’s account is 237 weeks old. User is currently using ChatGPT in the native app on an iOS device.

Architecture 328

Architecture Surveillance Accountability VPN 328

Schneier on Security

JANUARY 13, 2025

They then compromised the legitimate accounts of paying customers. They combined those two things to create a fee-based platform people could use. It was a sophisticated scheme: The service contained a proxy server that relayed traffic between its customers and the servers providing Microsoft’s AI services, the suit alleged.

Hacking 273

Hacking Authentication Accountability 273

Troy Hunt

FEBRUARY 25, 2025

It's those credentials that are then sold in the stealer logs and later used to access the victim's accounts, which is the second exploitation. Another path had "ve", so it was off to Caracas and the Venezuelan victim's account was confirmed. You get the idea.

Passwords 361

Passwords Accountability VPN Malware 361

Malwarebytes

NOVEMBER 14, 2024

Employees of these companies were tricked into clicking malicious attachments and links and filling in their email account login information on fake sites. With our law enforcement partners, we will continue to aggressively investigate, pursue, and hold accountable the crooks who perpetrate frauds online, wherever they are.”

Accountability 140

Accountability Banking Internet Internet 140

Malwarebytes

APRIL 22, 2025

Cybercriminals are abusing Googles infrastructure, creating emails that appear to come from Google in order to persuade people into handing over their Google account credentials. The difference is that anyone with a Google account can create a website on sites.google.com. Instead create an account on the service itself.

Risk 145

Risk Scams Accountability Phishing 145

Krebs on Security

NOVEMBER 19, 2024

The Telegram account that abyss0 listed in their sales thread appears to have been suspended or deleted. Likewise, abyss0’s account on BreachForums no longer exists, and all of their sales threads have since disappeared. Maybe abyss0 found a buyer who paid for their early retirement.

Data breaches 321

Data breaches Banking Cybercrime Advertising 321

Malwarebytes

JUNE 18, 2025

From there, it’s likely the scammers will empty the bank account and move on to their next victim. These scammers demand immediate payment or action to avoid further impacts, which can dupe individuals into inadvertently sending money to a fraudulent account. On X we see invites like these several times a week.

Banking 130

Banking Scams Advertising Media 130

Krebs on Security

JANUARY 31, 2025

“Those payments would instead be redirected to a financial account the perpetrators controlled, resulting in significant losses to victims,” the DOJ wrote. “These tools were also used to acquire victim user credentials and utilize those credentials to further these fraudulent schemes.

Phishing 289

Phishing Cybercrime Advertising Malware 289

Malwarebytes

MARCH 4, 2025

The Docusign Application Programming Interface (API) allows customers to send emails that come from genuine Docusign accounts, and they can use templates to impersonate reputable companies. Weve identified an unauthorized transaction made from your PayPal account to Coinbase: Amount: $755.38

Scams 132

Scams Accountability Phishing Banking 132

Krebs on Security

DECEMBER 11, 2024

wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work The site Verif dot work, which processes payments through Cryptomus, sells financial accounts, including debit and credit cards. work and kopeechka[.]store store ; -anonymity or “proxy” providers like crazyrdp[.]com

Cryptocurrency 297

Cryptocurrency Banking Cybercrime Advertising 297

Krebs on Security

DECEMBER 19, 2024

” According to Intel 471, this same Discord account was advertised in 2019 by a person on the cybercrime forum Cracked who used the monikers “ ORN ” and “ ori0n.” In 2022, Araneida told fellow Breached members they could be reached on Discord at the username “ Ornie#9811.” 2023 on the forum Cracked.

Hacking 259

Hacking Cybercrime Advertising Data breaches 259

Malwarebytes

JUNE 19, 2025

Take the 184 million logins for social media accounts we reported about recently. But that doesn’t take away from the fact that these credentials are in the hands of cybercriminals who can use them for: Account takeovers : Cybercriminals can use stolen credentials to hijack social media, banking, or corporate accounts.

Identity Theft 135

Identity Theft Passwords Phishing Accountability 135

Troy Hunt

DECEMBER 7, 2024

I post lots of pics to my Facebook account , and if none of that is interesting, here's this week's video on more infosec-related topics: References Sponsored by:  Cyberattacks are guaranteed. Is your recovery?

InfoSec 260

InfoSec Government Accountability 260