Accountability, Advertising, Encryption and Hacking

Ragnar Locker ransomware gang advertises Campari hack on Facebook

Security Affairs

NOVEMBER 11, 2020

Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems.

Advertising

Advertising Hacking Ransomware Accountability

Red Cross Hack Linked to Iranian Influence Operation?

Krebs on Security

FEBRUARY 16, 2022

The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people separated by war, violence, migration and other causes. In their online statement about the hack (updated on Feb. “Mr. .” Image: Ke-la.com. and other western audiences.

Hacking

Hacking Ransomware Media Accountability

Zoom now supports end-to-end encrypted (E2EE) calls

Security Affairs

OCTOBER 15, 2020

The Video conferencing platform Zoom announced the implementation of end-to-end encryption (E2EE) and its availability starting next week. The popular Video conferencing platform Zoom announced the availability of the end-to-end encryption (E2EE) starting next week. SecurityAffairs – hacking, Zoom). Pierluigi Paganini.

Encryption

Encryption Advertising Accountability Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

German encrypted email service Tutanota suffers DDoS attacks

Security Affairs

SEPTEMBER 19, 2020

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. SecurityAffairs – hacking, Tutanota).

DDOS

DDOS Encryption DNS Advertising

3.4 Million user records from LiveAuctioneers hack available for sale

Security Affairs

JULY 14, 2020

.” According to the company, attackers accessed personal details of the users, including names, email addresses, mailing addresses, phone numbers, and also encrypted passwords. The company confirmed that the an investigation into the hack is still ongoing. The experts found a post advertising information of roughly 3.4

Hacking

Hacking Data breaches Identity Theft Advertising

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack. . SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media

Media Hacking Passwords Data breaches

Crooks offered for sale private messages for 81k Facebook accounts

Security Affairs

NOVEMBER 3, 2018

Cybercriminals offered for sale private messages from at least 81,000 Facebook accounts claiming of being in possession of data from 120 million accounts. Crooks are offering for sale Criminals are selling the private messages of 81,000 hacked Facebook accounts for 10 cents per account. ” states the BBC.

Accountability

Accountability Advertising Cybercrime Hacking

The forum of the popular Albion Online game was hacked

Security Affairs

OCTOBER 19, 2020

“The intruder was able to access forum user profiles, which include the e-mail addresses connected to those forum accounts. On top of that, the attacker gained access to encrypted passwords (in technical terms: hashed and salted passwords).” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Data breaches Passwords Advertising

Watch out, your StockX account details may be available in crime forums

Security Affairs

AUGUST 12, 2019

Researchers discovered a dump containing 6,840,339 records associated with StockX user accounts that surfaced in the cybercrime underground. Last week media reported the hack of StockX , the fashion and sneaker trading platform. Now a dump containing 6,840,339 unique StockX user accounts surfaced in the cybercrime underground.

Accountability

Accountability Data breaches Passwords Cybercrime

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

The Mylobot malware includes more than 1,000 hard-coded and encrypted domain names, any one of which can be registered and used as control networks for the infected hosts. The service is currently advertising access to more than 150,000 devices globally. The account didn’t resume posting on the forum until April 2014.

Accountability

Accountability Advertising Marketing Malware

STOP ransomware encrypts files and steals victim’s data

Security Affairs

MARCH 11, 2019

Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. Experts observed the ransomware also installing the dreaded Azorult password-stealing Trojan on victim’s machine to steal account credentials, cryptocurrency wallets, documents and more.

Encryption

Encryption Ransomware Cryptocurrency Passwords

One million cracked Poshmark accounts being sold online

Security Affairs

SEPTEMBER 2, 2019

Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. “In mid-2018, social commerce marketplace Poshmark suffered a data breach that exposed 36M user accounts. Now Scott told BleepingComputer that a set of one million cracked Poshmark accounts is circulating online.

Accountability

Accountability Data breaches Passwords Advertising

Network Solutions data breach – hacker accessed data of more 22 Million accounts

Security Affairs

OCTOBER 30, 2019

Network Solutions, one of the world’s biggest domain registrars, disclosed a data breach that impacted 22 million accounts. Network Solutions , one of the world’s biggest domain registrars, disclosed a data breach that may have impacted 22 million accounts, no financial data was exposed. SecurityAffairs – data breach, hacking).

Data breaches

Data breaches Accountability Advertising Encryption

AMT Games data breach: Millions of Users’ Messages, Account IDs, and IP Addresses Exposed

Security Affairs

JUNE 2, 2021

There was no need for a password or login credentials to access the information, and the data was not encrypted. Feedback message data contained Account id, feedback rating given, and users’ email addresses. The leaked account data included in-game transaction history, user id, and username. The leak has since been secured.

Data breaches

Data breaches Accountability Mobile Phishing

DeathRansom ransomware evolves encrypting files, but experts identified its author

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. ” continues the report. Pierluigi Paganini.

Encryption

Encryption Ransomware Malware Scams

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. It does not allow a hacker to access your device or your accounts but it may cause even bigger damage. SecurityAffairs – Internet, hacking).

Hacking

Hacking VPN Internet Internet

Protonmail hacked …. a very strange scam attempt

Security Affairs

NOVEMBER 17, 2018

A hacker going online by the moniker AmFearLiathMor is claiming to have hacked the most popular end-to-end encrypted email service ProtonMail. “We hacked Protonmail and have a significant amount of their data from the past few months. ProtonMail denied having been hacked that added that this is just a hoax.

Scams

Scams Hacking Data collection Advertising

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack

Security Affairs

AUGUST 12, 2020

Now the City of Lafayette admitted they were a victim of a ransomware attack that encrypted its systems and confirmed that opted to pay a $45,000 ransom to receive a decryption tool to recover its files. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, City of Lafayette).

Backups

Backups Advertising Ransomware Hacking

Kodi discloses data breach after its forum was compromised

Security Affairs

APRIL 14, 2023

. “In the last 24 hours we became aware of a dump of the Kodi user forum (MyBB) software being advertised for sale on internet forums. The account was used to create database backups which were then downloaded and deleted. The account owner has confirmed they did not access the admin console to perform these actions.”

Data breaches

Data breaches Backups Passwords Accountability

ERMAC, a new banking Trojan that borrows the code from Cerberus malware

Security Affairs

SEPTEMBER 27, 2021

The source code of Cerberus was released in September 2020 on underground hacking forums after its operators failed an auction. On August 17, two forum members named “ermac” and “DukeEugene” started advertising the malware. DukeEugene”, posted the following message in his account: “Android botnet ERMAC.

Banking

Banking Malware Mobile Encryption

Minecraft Japanese gamers hit by Chaos ransomware using alt lists as lure

Security Affairs

OCTOBER 31, 2021

FortiGuard Labs researchers who reported the attacks noticed that the variant of ransomware employed in the attacks not only encrypts certain files but also destroys others. This variant not only encrypts certain files but also destroys others, rendering them unrecoverable. SecurityAffairs – hacking, Minecraft).

Ransomware

Ransomware Encryption Accountability Mobile

Ransom Gangs Emailing Victim Customers for Leverage

Krebs on Security

APRIL 5, 2021

“The company has been hacked, data has been stolen and will soon be released as the company refuses to protect its peoples’ data.” This letter is from the Clop ransomware gang, putting pressure on a recent victim named on Clop’s dark web shaming site. “Good day!

Ransomware

Ransomware Advertising Retail DDOS

A flaw in Microsoft OAuth authentication could lead Azure account takeover

Security Affairs

DECEMBER 3, 2019

A vulnerability in the Microsoft OAuth implementation exposes Azure cloud accounts to takeover. is an excellent solution for authorization, if misused or misconfigured, it could have a tremendous impact, allowing for over-privileged third-party applications or the eventual account takeover by malicious attackers.”

Authentication

Authentication Accountability Social Engineering Advertising

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

OCTOBER 13, 2023

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing support for encrypting Linux systems, specifically VMware ESXi servers. This joint CSA updates the advisory published by the US Government on March 17, 2022.

Ransomware

Ransomware System Administration Antivirus Malware

Cryptocurrency Platform Atlas Quantum hacked, 260k users impacted

Security Affairs

AUGUST 28, 2018

Exposed data includes customer names, phone numbers, and email addresses, as well as customer account balances. The platform allows users to trade the cryptocurrency in their accounts on multiple platforms in a way to maximize the profits thanks to its automated arbitrage system. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Hacking Data breaches Passwords

USPS Site Exposed Data on 60 Million Users

Krebs on Security

NOVEMBER 21, 2018

Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf. A USPS brochure advertising the features and benefits of Informed Visibility. Image: USPS.com.

Accountability

Accountability Authentication Identity Theft Advertising

FBI issued a flash alert on Lockbit ransomware operation

Security Affairs

FEBRUARY 5, 2022

After ransomware ads were banned on hacking forum, the LockBit operators set up their own leak site promoting the latest variant and advertising the LockBit 2.0 attempts to encrypt any data saved to any local or remote device but skips files associated with core system functions.” Like other ransomware gangs, Lockbit 2.0

Ransomware

Ransomware Backups Encryption Accountability

How Can You Keep Your Personal Information Safe?

CyberSecurity Insiders

OCTOBER 29, 2021

A few simple changes to your devices and accounts can help discourage cyber criminals from trying to access your data. Giants like Facebook and Target have suffered breaches and password leaks, so it’s safe to say data from at least one of your online accounts could have been leaked. The Dark Web Uses Encryption to Hide Locations.

Passwords

Passwords Advertising Data breaches Accountability

Nexus, an emerging Android banking Trojan targets 450 financial apps

Security Affairs

MARCH 23, 2023

Nexus is available via a Malware-as-a-Service (MaaS) subscription and is advertised on underground forums or through private channels (e.g., However, Cleafy’s Threat Intelligence & Response Team reported having detected the first Nexus infections in June 2022, months before the MaaS was publicly advertised.

Banking

Banking Cryptocurrency Malware Advertising

Meal delivery service Home Chef discloses data breach

Security Affairs

MAY 21, 2020

In early May, Shiny Hunters hacking group started offering for sale the databases containing tens of millions from user records from over 11 companies. There’s no need to adjust the other sections on the Account page (e.g. Home Chef users should remain vigilant against phishing attacks and suspicious activity in their accounts.

Data breaches

Data breaches Passwords Advertising Accountability

Getting Started: A Beginner’s Guide for Improving Privacy

Security Boulevard

JANUARY 16, 2024

Use a secure (encrypted) email provider Which secure email provider should you use? Put into context, it would make little sense to use a privacy-oriented browser and all the features such a browser may have to offer, but continue to reuse passwords across online accounts. Use private search engines Which search engines should you use?

Accountability

Accountability Engineering Passwords Internet

Data of 21 million Mixcloud users available for sale on the dark web

Security Affairs

DECEMBER 1, 2019

On Friday, the hacker that goes online with the handle “A_W_S” contacted multiple media outlets to disclose the hack, it also provided data samples as proof of the data breach. The hack took place in early November and exposed data for more than 20 million user accounts. ” reads a post published by Techcrunch.

Data breaches

Data breaches Passwords Advertising Hacking

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts.

Ransomware

Ransomware DDOS Passwords Backups

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Malware Hacking Accountability

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. Xiongmai hereinafter) that are open to hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – Xiongmai, hacking ).

Surveillance

Surveillance Hacking Firmware Manufacturing

DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

Security Affairs

APRIL 22, 2020

On Sunday, the computer systems in the city of Torrance suffered a cyber attack that interrupted access to email accounts and server functions. “Based on the names of the archives, this data includes city budget financials, various accounting documents, document scans, and an archive of documents belonging to the City Manager.”

Ransomware

Ransomware Advertising Backups Data breaches

Security Affairs newsletter Round 282

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

DDOS

DDOS Ransomware Data breaches Advertising

FBI warns of crooks targeting online shoppers during the holiday season

Security Affairs

NOVEMBER 25, 2021

.” Cybercriminals will attempt to entice their victims in multiple ways including: E-mails advertising hot-ticket or products that are hard to find on the market, such as event tickets or gaming systems. Advertisements on social media platforms that promote non-existent or counterfeit items. SecurityAffairs – hacking, FBI).

Scams

Scams Identity Theft Advertising Media

Security Affairs newsletter Round 242

Security Affairs

DECEMBER 1, 2019

Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts. Some Fortinet products used hardcoded keys and weak encryption for communications. Adobe revealed that the Magento Marketplace was hacked. Upbit cryptocurrency exchange hacked, crooks stole $48.5 million worth of ETH.

Advertising

Advertising Ransomware Cryptocurrency Government

The team behind the Joomla CMS discloses a data breach

Security Affairs

JUNE 1, 2020

The Joomla Resources Directory portal allows professionals and developers to advertise their services. “The audit also highlighted the presence of Super User accounts owned by individuals outside Open Source Matters,” continues the notification. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Backups Passwords Advertising

SILENTFADE a long-running malware campaign targeted Facebook AD platform

Security Affairs

OCTOBER 3, 2020

The social network giant revealed that malware has a Chinese origin and allowed hackers to siphon $4 million from users’ advertising accounts. Threat actors initially compromised Facebook accounts, then used them to steal browser cookies and carry out malicious activities, including the promotion of malicious ads.

Malware

Malware Advertising Accountability Authentication

Belarussian authorities arrested GandCrab ransomware distributor

Security Affairs

AUGUST 3, 2020

The GandCrab was advertised in the Russian hacking community, researchers from LMNTRIX who discovered it noticed that authors was leveraging the RIG and GrandSoft exploit kits to distribute the malware. ransom amount, individual bots and encryption masks). reads the translation of the ad. reads the translation of the ad.

Ransomware

Ransomware Advertising Malware Hacking

Crooks stole about $10 million from GateHub cryptocurrency wallet service

Security Affairs

JUNE 7, 2019

GateHub explained that each API requests to the victim’s accounts were authorized with a valid access token. The experts identified several other accounts connected to the cyber heists, for a total of 12 primary suspect accounts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Accountability Advertising Encryption

Hacking eCommerce sites based on OXID eShop by chaining 2 flaws

Security Affairs

JULY 30, 2019

Researchers at RIPS Technologies discovered vulnerabilities in the OXID eShop platform that could expose eCommerce websites to hack. The first issue, tracked as CVE-2019-13026, is an SQL injection vulnerability that could be exploited by an unauthenticated attacker to create a new administrator account. Pierluigi Paganini.

eCommerce

eCommerce Hacking Advertising Software

Ragnar Locker ransomware gang advertises Campari hack on Facebook

Red Cross Hack Linked to Iranian Influence Operation?

Webinars

Trending Sources

Zoom now supports end-to-end encrypted (E2EE) calls

Webinars

German encrypted email service Tutanota suffers DDoS attacks

3.4 Million user records from LiveAuctioneers hack available for sale

Asian media firm E27 hacked, attackers asked for a “donation”

Crooks offered for sale private messages for 81k Facebook accounts

The forum of the popular Albion Online game was hacked

Watch out, your StockX account details may be available in crime forums

Who’s Behind the Botnet-Based Service BHProxies?

STOP ransomware encrypts files and steals victim’s data

One million cracked Poshmark accounts being sold online

Network Solutions data breach – hacker accessed data of more 22 Million accounts

AMT Games data breach: Millions of Users’ Messages, Account IDs, and IP Addresses Exposed

DeathRansom ransomware evolves encrypting files, but experts identified its author

5 Ways to Protect Yourself from IP Address Hacking

Protonmail hacked …. a very strange scam attempt

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack

Kodi discloses data breach after its forum was compromised

ERMAC, a new banking Trojan that borrows the code from Cerberus malware

Minecraft Japanese gamers hit by Chaos ransomware using alt lists as lure

Ransom Gangs Emailing Victim Customers for Leverage

A flaw in Microsoft OAuth authentication could lead Azure account takeover

FBI and CISA published a new advisory on AvosLocker ransomware

Cryptocurrency Platform Atlas Quantum hacked, 260k users impacted

USPS Site Exposed Data on 60 Million Users

FBI issued a flash alert on Lockbit ransomware operation

How Can You Keep Your Personal Information Safe?

Nexus, an emerging Android banking Trojan targets 450 financial apps

Meal delivery service Home Chef discloses data breach

Getting Started: A Beginner’s Guide for Improving Privacy

Data of 21 million Mixcloud users available for sale on the dark web

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

Security Affairs newsletter Round 282

FBI warns of crooks targeting online shoppers during the holiday season

Security Affairs newsletter Round 242

The team behind the Joomla CMS discloses a data breach

SILENTFADE a long-running malware campaign targeted Facebook AD platform

Belarussian authorities arrested GandCrab ransomware distributor

Crooks stole about $10 million from GateHub cryptocurrency wallet service

Hacking eCommerce sites based on OXID eShop by chaining 2 flaws

Stay Connected