Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.

Internet 108

Internet Internet Accountability Passwords 108

Security Affairs

AUGUST 9, 2023

Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations EvilProxy was observed sending 120,000 phishing emails to over a hundred organizations to steal Microsoft 365 accounts. Proofpoint noticed a worrisome surge of successful cloud account compromises in the past five months.

Accountability 87

Accountability Phishing Authentication Architecture 87

Security Affairs

FEBRUARY 17, 2020

The popular hacker group OurMine has hacked the official Twitter account of the FC Barcelona, along with the accounts of Olympics and the International Olympic Committee (IOC). The hackers hijacked the official Barcelona and Olympic Twitter accounts and posted some tweets to claim responsibility for the hack.

Accountability 88

Accountability Hacking Advertising Media 88

Krebs on Security

MARCH 13, 2019

Online advertising firm Sizmek Inc. [ NASDAQ: SZMK ] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. The starting bid was $800. A screenshot shared by the dark web seller.

Accountability 214

Accountability Passwords Advertising Penetration Testing 214

Krebs on Security

JUNE 19, 2020

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. Both are avid gamers on Microsoft’s Xbox platform, and for years their father managed their accounts via his own Microsoft account.

Authentication 363

Authentication Accountability Passwords Mobile 363

Security Affairs

DECEMBER 10, 2019

Microsoft revealed that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking. Microsoft discovered that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking because of using of compromised passwords. Pierluigi Paganini.

Accountability 79

Accountability Hacking Passwords Advertising 79

Security Affairs

AUGUST 5, 2022

million accounts was caused by the exploitation of a zero-day flaw. million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The threat actor offered for sale the stolen data on the popular hacking forum Breached Forums. Source RestorePrivacy. “A

Accountability 104

Accountability Data breaches Authentication Media 104

Security Affairs

APRIL 14, 2019

Bad news for users of the Microsoft Outlook email service, hackers have compromised the Microsoft Support Agent to access their email accounts. Earlier this year, hackers breached Microsoft’s customer support portal and gained access to some email accounts registered with the Microsoft’s Outlook service. Pierluigi Paganini.

Accountability 92

Accountability Hacking Data breaches Advertising 92

Security Affairs

SEPTEMBER 11, 2020

Zoom has implemented two-factor authentication (2FA) to protect all user accounts against security breaches and other cyber attacks. Zoom has announced finally implemented the two-factor authentication (2FA) to protect all user accounts from unauthorized accesses. SecurityAffairs – hacking, 2FA).

Accountability 76

Accountability Authentication Advertising Passwords 76

Security Affairs

FEBRUARY 11, 2019

620 million accounts stolen from 16 hacked websites (Dubsmash, Armor Games, 500px, Whitepages, ShareThis) available for sale on the dark web. The Register revealed in exclusive that some 617 million online account details stolen from 16 hacked websites are available for sale on the dark web. “I need the money.

Accountability 93

Accountability Hacking Advertising Data breaches 93

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. More than 500,000 Activision accounts may have compromised as a result of a data breach suffered by the gaming firm on September 20, reported the eSports site Dexerto. ” concludes Dexerto.

Hacking 105

Hacking Data breaches Accountability Passwords 105

Security Affairs

DECEMBER 3, 2019

A vulnerability in the Microsoft OAuth implementation exposes Azure cloud accounts to takeover. The vulnerability affects the way Microsoft applications use OAuth for authentication, these applications trust certain third-party domains and sub-domains that are not registered by Microsoft. SecurityAffairs – OAuth, hacking).

Authentication 66

Authentication Accountability Social Engineering Advertising 66

Krebs on Security

MAY 5, 2021

After logging in, the user might see a prompt that looks something like this: These malicious apps allow attackers to bypass multi-factor authentication, because they are approved by the user after that user has already logged in. “Now, they’re compromising accounts in credible tenants first,” Proofpoint explains.

Accountability 327

Accountability Passwords Advertising Phishing 327

Security Affairs

JUNE 1, 2020

The expert Bhavuk Jain received an award of $100,000 for reporting a severe security issue in ‘Sign in with Apple’ authentication bypass bug that could allow the takeover of third-party user accounts. . The accounts are protected with two-factor authentication, and Apple does not track users’ activity in their app or website.

Authentication 87

Authentication Accountability Advertising Passwords 87

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking 104

Banking Accountability Mobile Cryptocurrency 104

BH Consulting

AUGUST 31, 2023

Having policies and procedures to secure social media accounts and minimise the potential for incidents can help. billion people are on social media , and businesses have come to rely on these channels in their everyday operations as a form of advertising, recruiting and more. Another risk is social media hacking. More than 4.7

Media 52

Media Accountability Authentication Passwords 52

Security Affairs

OCTOBER 4, 2020

“These vulnerabilities may allow locally managed accounts within Device Manager to be susceptible to dictionary attacks due to weak cipher implementation (CVE-2020-6925) and allow a malicious actor to remotely gain unauthorized access to resources (CVE-2020-6926), and/or allow a malicious actor to gain SYSTEM privileges (CVE-2020-6927).”

Hacking 130

Hacking Accountability Passwords InfoSec 130

Security Affairs

NOVEMBER 3, 2018

Cybercriminals offered for sale private messages from at least 81,000 Facebook accounts claiming of being in possession of data from 120 million accounts. Crooks are offering for sale Criminals are selling the private messages of 81,000 hacked Facebook accounts for 10 cents per account. ” states the BBC. .

Accountability 97

Accountability Advertising Cybercrime Hacking 97

Security Affairs

APRIL 5, 2020

OGUsers, one of the most popular hacking forums, was hacked again, it is the second security breach it has suffered in a year. The popular hacking forum OGUsers was hacked again, it is the second security breach it has suffered in a year, the news was first reported by ZDNet. SecurityAffairs – OGUsers forum, hacking).

Hacking 102

Hacking Data breaches Advertising Backups 102

Malwarebytes

JULY 11, 2023

Like all social media platforms, Facebook constantly has to deal with fake accounts, scams and malware. In the past few weeks, there's been a resurgence in sponsored posts and accounts that impersonate Meta/Facebook's own Ads Manager. In early June, we identified fraudulent accounts running the same scam using similar lures.

Accountability 85

Accountability Scams Malware Advertising 85

Security Affairs

SEPTEMBER 29, 2018

The worst suspect is a disconcerting reality, Facebook admitted that advertisers were able to access phone numbers of its users for enhanced security. Researchers from two American universities discovered that that phone numbers given to Facebook for two-factor authentication were also used for advertising purposes.

Advertising 82

Advertising Authentication Accountability Hacking 82

Security Affairs

JULY 14, 2020

The company confirmed that the an investigation into the hack is still ongoing. In response to the incident, the bidding portal has forced a password reset for all users’ accounts, both bidder and auctioneer ones. The experts found a post advertising information of roughly 3.4 SecurityAffairs – hacking, LiveAuctioneers ).

Hacking 98

Hacking Data breaches Identity Theft Advertising 98

Schneier on Security

MARCH 19, 2021

A wide ecosystem of these companies exist , each advertising their own ability to run text messaging for other businesses. Too many networks use SMS as an authentication mechanism. Once the hacker is able to reroute a target’s text messages, it can then be trivial to hack into other accounts associated with that phone number.

Authentication 294

Authentication Accountability Mobile Advertising 294

Security Affairs

MARCH 17, 2019

Threat actors targeted Office 365 and G Suite cloud accounts using the IMAP protocol to bypass multi-factor authentication (MFA). Over the past months, threat actors have targeted Office 365 and G Suite cloud accounts using the IMAP protocol to bypass multi-factor authentication (MFA).

Accountability 111

Accountability Phishing Authentication Passwords 111

Security Affairs

JUNE 8, 2020

Any Indian DigiLocker Account Could’ve Been Accessed Without Password. DigiLocker provides an account in cloud to every Aadhaar holder to access authentic documents/certificates such as driving license, vehicle registration, academic mark sheet in digital format from the original issuers of these certificates.

Authentication 89

Authentication Mobile Accountability Passwords 89

Security Affairs

JUNE 23, 2020

CLOP ransomware operators have allegedly hacked IndiaBulls Group , an Indian conglomerate headquartered in Gurgaon, India. CLOP ransomware operators have allegedly hacked the Indian conglomerate IndiaBulls Group , its primary businesses are housing finance, consumer finance, and wealth management. . Pierluigi Paganini.

Hacking 101

Hacking Ransomware Banking Mobile 101

Security Affairs

MAY 31, 2020

One vulnerability could allow an authenticated user with subscriber-level and above permissions to update and modify posts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – PageLayer, hacking).

Hacking 108

Hacking Advertising Authentication Accountability 108

Security Affairs

MARCH 9, 2019

Security experts at Pen Test Partners discovered several vulnerabilities in two smart car alarm systems put three million vehicles globally at risk of hack. Simply by tampering with parameters, one can update the email address registered to the account without authentication, send a password reset to the modified address (i.e.

Hacking 105

Hacking Accountability Engineering Advertising 105

Security Affairs

AUGUST 8, 2020

Chinese researchers discovered tens of vulnerabilities in a Mercedes-Benz E-Class, including issues that can be exploited to remotely hack it. “For accessing the APN networks of backend, one possibility would be using the e-sim of car-parts since the sim account wouldn’t log out automatically. ” the paper concluded.

Hacking 145

Hacking Advertising Mobile Engineering 145

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. ” reported ZDNet.

Hacking 79

Hacking DNS Cryptocurrency Accountability 79

Security Affairs

FEBRUARY 19, 2020

A new flaw was discovered in a WordPress plugin, this time experts found a zero-day vulnerability in the ThemeREX Addons to create admin accounts. Security experts from WordFence have discovered a zero-day vulnerability in the ThemeREX Addons that was actively exploited by hackers in the wild to create user accounts with admin permissions.

Accountability 127

Accountability Advertising Account Security Authentication 127

Security Affairs

NOVEMBER 22, 2018

The authentication process via German eID cards with RFID chips is flawed, an attacker could impersonate any other citizen. The nightmare comes true, the authentication process via German eID cards with RFID chips is flawed and a flaw could allow an attacker to allow identity spoofing and changing the date of birth. tax service).

Authentication 90

Authentication Advertising Accountability Hacking 90

Security Affairs

FEBRUARY 22, 2019

WhatsApp recently implemented Face ID and Touch ID authentication for Apple iOS app, but unfortunately, it can be easily bypassed. Earlier February, WhatsApp introduced Face ID and Touch ID authentication for its iOS app to allow users to lock the application using the Face ID facial recognition and Touch ID fingerprint systems.

Authentication 79

Authentication Advertising Media Accountability 79

Malwarebytes

JUNE 14, 2021

Although sharing your day’s highlights in snapshots and videos on Instagram can be entertaining, some people claim to feel happier after deleting their accounts. Hackers, scammers, and stalkers can use the photo and video sharing social networking platform to target others, and Instagram is part of Facebook’s advertising panopticon.

Accountability 60

Accountability Mobile Passwords Authentication 60

Security Affairs

FEBRUARY 24, 2020

Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. Lynx0x00’s Medium and Twitter accounts have mysteriously vanished but, fortunately, the Internet never truly forgets. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Accountability 92

Accountability Data breaches Passwords Advertising 92

Security Affairs

APRIL 29, 2019

A cyber survey conducted by the United Kingdom’s National Cyber Security Centre (NCSC) revealed that ‘123456’ is still the most hacked password. million user accounts worldwide were using ‘123456’ as password, while 7.7 Another good practice is the set up of multi-factor authentication wherever possible.

Passwords 104

Passwords Accountability Data breaches Advertising 104

Security Affairs

JUNE 5, 2022

The website was advertised through the official BAYC Discord for a Yuga Labs community manager that was previously hackerd. “CertiK analysis reveals that this community manager, account –@BorisVagner (“BorisVagner | SBS” on Discord)– posted a message to BAYC’s Discord server with a phishing link that led to the fake site.

Phishing 131

Phishing Hacking Accountability Scams 131