Accountability, Authentication, Information Security and Internet

Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. orange_es Meow meow meow!

Internet

Internet Internet Accountability Passwords

Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign

Security Affairs

SEPTEMBER 22, 2022

Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. The tool is not designed to be exposed on the Internet, however, researchers spotted tens thousands Redis instance publicly accessible without authentication. ” warns Censys.

Cryptocurrency

Cryptocurrency Internet Internet Hacking

Over 91,000 LG smart TVs running webOS are vulnerable to hacking

Security Affairs

APRIL 9, 2024

“An error in the account handler lets an attacker skip the PIN verification entirely and create a privileged user profile.” ” The researchers pointed out that despite the vulnerable service is intended for LAN access only, querying Shodan they identified over 91,000 devices that expose the service to the Internet.

Hacking

Hacking Internet Internet Authentication

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking

Banking Accountability Mobile Cryptocurrency

U.S. CISA: hackers breached a state government organization

Security Affairs

FEBRUARY 16, 2024

CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The threat actor likely obtained the employee’s account credentials from a third-party data breach. ” reads the report published by CISA.

Government

Government VPN Accountability Authentication

ShinyHunters hacked Pluto TV service, 3.2M accounts exposed

Security Affairs

NOVEMBER 15, 2020

million Pluto TV user accounts on a hacking forum for free, he claims they were stolen by ShinyHunters threat actor. Bleeping Computer, which has validated the authenticity of the archive, reported that the latest record in the database was created on October 12th, 2018. accounts exposed appeared first on Security Affairs.

Accountability

Accountability Hacking Data breaches Passwords

TroyStealer – A new info stealer targeting Portuguese Internet users

Security Affairs

JUNE 13, 2020

There seems to be a new stealer in town called #TroyStealer , targeting Portuguese internet users EXE: [link] Exfil email address: domionhuby@gmail.com Has anyone seen this threat before? /cc The message sent in the email template is related to problems with the victim’s bank account. on Twitter, and targeting Portuguese users.

Internet

Internet Internet Malware Banking

Vishing attacks conducted to steal corporate accounts, FBI warns

Security Affairs

JANUARY 19, 2021

The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. The threat actors are using Voice over Internet Protocol (VoIP) platforms to obtain employees’ credentials. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Accountability

Accountability VPN Social Engineering Phishing

Russia-linked APT29 switched to targeting cloud services

Security Affairs

FEBRUARY 26, 2024

.” To infiltrate the cloud-hosted network of the majority of victims, attackers have to authenticate themselves successfully with the cloud provider. In previous campaigns associated with this threat actor, APT29 used brute forcing and password spraying to compromise service accounts. ” continues the advisory.

Accountability

Accountability Authentication Passwords Internet

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

Security Affairs

FEBRUARY 12, 2024

They might even lock you out of your own accounts by resetting your passwords. Avoid entering any data if you see a warning message about a site’s authenticity. Most browsers will alert you if a site isn’t secure. Check your social media accounts for active sessions and log out of any you don’t recognize.

DNS

DNS VPN Encryption Passwords

Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198

Security Affairs

OCTOBER 31, 2023

The advisory published by the vendor states that the exploitation of the vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access.

Internet

Internet Internet Software Accountability

Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability

Security Affairs

JULY 18, 2020

Hackers have been scanning the Internet for SAP systems affected by RECON vulnerability, researchers from Bad Packets warn. Researchers from Bad Packets reported that threat actors have been scanning the Internet for SAP systems affected by RECON vulnerability , , tracked as CVE-2020-6287. Pierluigi Paganini.

Internet

Internet Internet Advertising Accountability

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

Security Affairs

SEPTEMBER 6, 2023

Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump. The attackers forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key. ” reads the analysis published by Microsoft.

Accountability

Accountability Government Authentication Engineering

Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware

Spyware Data breaches Hacking Ransomware

Slickwraps discloses data leak that impacted 850,000 user accounts

Security Affairs

FEBRUARY 24, 2020

Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. Lynx0x00’s Medium and Twitter accounts have mysteriously vanished but, fortunately, the Internet never truly forgets. ” reported Slashgear. Pierluigi Paganini.

Accountability

Accountability Data breaches Passwords Advertising

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Sandworm were observed targeting open ports and unprotected RDP or SSH interfaces to gain access to the internet-facing systems. ’ The CERT-UA also reported that the state-sponsored hackers used compromised VPN accounts that weren’t protected by multi-factor authentication. “Note (!) .’ “Note (!)

Telecommunications

Telecommunications Authentication Data collection Passwords

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications

Telecommunications Authentication Passwords Accountability

Residential Proxies vs. Datacenter Proxies: Choosing the Right Option

Security Affairs

FEBRUARY 12, 2024

Datacenter Proxies: this blog post examines the contours of each type and provides info on how to choose the perfect proxy option In the robust landscape of the digital era, our need for privacy, security, and accessibility on the internet has never been more acute. It really boils down to your specific needs.

Internet

Internet Internet Marketing Authentication

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

In August 2021, the group asked $1 million for the entire database, or $200,000 for access, according to the RestorePrivacy website that examined a sample that appears authentic. million current AT&T account holders and approximately 65.4 million former account holders.” reads the RestorePrivacy website.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs

FEBRUARY 10, 2022

In 2018, the FBI Internet Crime Complaint Center (IC3) received complaints for 1,611 SIM swapping attacks, while the number of complaints in the period between 2018 e 2002 was 320 causing a total of losses of $12 million. Use a variation of unique passwords to access online accounts. Be aware of any changes in SMS-based connectivity.

Mobile

Mobile Cryptocurrency Authentication Accountability

Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks

Security Affairs

OCTOBER 4, 2023

. “Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.”

Software

Software Accountability Authentication Internet

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

Security Affairs

APRIL 4, 2023

Below is the list of flaws exploited by the ransomware gang’s affiliate: CVE-2021-27876 : The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. It supports multiple authentication schemes: SHA authentication is one of these.

Backups

Backups Ransomware Authentication Penetration Testing

Why Don’t You Go Dox Yourself?

Cisco Security

OCTOBER 7, 2022

By understanding the tools and methods used by those with ill intent, you’ll be better prepared to keep yourself safe and your information secure. Your mission, should you choose to accept it, is to follow along and find out everything the internet knows about… you! HOW DO I “DOX MYSELF”?

Media

Media Identity Theft Accountability Internet

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

Broken Authentication 5. Broken Authentication 5. Recommendations provided in these rankings are general in nature and based on information security best practices standards and guidelines, such as OWASP and NIST. Mitigation: implement authentication and authorization controls according to the role-based access model.

Passwords

Passwords Authentication Architecture Risk

A still unpatched zero-day RCE impacts more than 3.5M Exim servers

Security Affairs

SEPTEMBER 29, 2023

A remote, unauthenticated attacker, can exploit the vulnerability to gain remote code execution (RCE) on Internet-exposed servers. Authentication is not required to exploit this vulnerability.” An attacker can leverage this vulnerability to execute code in the context of the service account.”

Software

Software Authentication Internet Internet

Announcing the winners of the 2020 GCP VRP Prize

Google Security

MARCH 17, 2021

Posted by Harshvardhan Sharma, Information Security Engineer, Google We first announced the GCP VRP Prize in 2019 to encourage security researchers to focus on the security of Google Cloud Platform (GCP), in turn helping us make GCP more secure for our users, customers, and the internet at large.

Engineering

Engineering Authentication Accountability Internet

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. To protect against these attacks, businesses need to implement a wide range of strong API security measures such as authentication, authorization, encryption, and vulnerability scanning.

Hacking

Hacking Penetration Testing Data breaches Authentication

FBI warns swatting attacks on owners of smart devices

Security Affairs

JANUARY 2, 2021

The FBI recommends users to enable two-factor authentication (2FA) for smart devices exposed online. The FBI also recommends customers to don’t use an email account in 2FA for the second factor, instead recommends the use of a mobile device number. ” concludes the alert. Pierluigi Paganini.

Passwords

Passwords Surveillance Manufacturing Accountability

QNAP users are recommended to disable UPnP port forwarding on routers

Security Affairs

APRIL 19, 2022

UPnP is an insecure protocol, it uses network UDP multicasts, and doesn’t support encryption and authentication. ” The vendor also recommends enabling the VPN server function on the user router to access QNAP NAS from the Internet. Only use encrypted HTTPS or other types of secure connections (SSH, etc.).

VPN

VPN Internet Internet Firewall

MITRE attributes the recent attack to China-linked UNC5221

Security Affairs

MAY 7, 2024

The state-sponsored hackers first gaining initial access to NERVE on December 31, then they deployed the ROOTROT web shell on The adversary deployed the ROOTROT web shell on Internet-facing Ivanti appliances. On January 4, 2024, the threat actors conducted a reconnaissance on NERVE environment. ” reads the update published by Mitre.

Malware

Malware Hacking Accountability Authentication

Airlift Express Fixes Vulnerabilities in Its E-commerce Store

Security Affairs

APRIL 2, 2021

PrivacySavvy experts discovered an OTP vulnerability in Airlift Express, which could lead to account hacks and exploits by cybercriminals. A team of security researchers from PrivacySavvy recently discovered an OTP vulnerability in Airlift Express, which could lead to account hacks and exploits by cybercriminals.

Passwords

Passwords Authentication Internet Internet

AT&T states that the data breach impacted 51 million former and current customers

Security Affairs

APRIL 10, 2024

In August 2021, the group asked $1 million for the entire database, or $200,000 for access, according to the RestorePrivacy website that examined a sample that appears authentic. “To the best of our knowledge, personal financial information and call history were not included. reads the RestorePrivacy website.

Data breaches

Data breaches Telecommunications Identity Theft Hacking

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

Security Affairs

MARCH 16, 2022

As early as May 2021, the attackers took advantage of a misconfigured account set to default MFA protocols at a non-governmental organization (NGO), allowing them to enroll a new device for MFA and access the victim network. Contrary to best practices recommended, the account was still active in the organization’s Active Directory.

Accountability

Accountability Passwords Authentication Firmware

Five Eyes agencies warn of attacks on MSPs

Security Affairs

MAY 12, 2022

. “The CSA—created in response to reports of increased activity against MSPs and their customers—provides specific guidance for both MSPs and customers aimed at enabling transparent discussions on securing sensitive data.” Improve security of vulnerable devices. Enforce multifactor authentication (MFA).

Authentication

Authentication Accountability Architecture Backups

Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access

Security Affairs

NOVEMBER 29, 2022

In early October, Fortinet addressed the critical authentication bypass flaw, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. On October 18, Fortinet confirmed the critical authentication bypass vulnerability is being exploited in the wild. ” concludes the post.

VPN

VPN Firewall Authentication Internet

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

.” The researchers reported the issues to the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), which assigned the following five CVEs: Use of Hard-coded Credentials CWE-798 ( CVE-2023–1748 , CVSS3.0: Improper Authentication Validation CWE-287 ( CVE-2023–1752 , CVSS3.0:

Manufacturing

Manufacturing Media Firewall Education

Social marketplace Trustanduse exposes nearly half a million users

Security Affairs

JANUARY 12, 2023

The researchers ensure that credential stuffing attacks, when perpetrators use stolen account credentials to gain unauthorized access to user accounts on other systems, are unlikely. After the discovery in June, researchers repeatedly detected the same database on different internet protocol (IP) addresses in October and December 2022.

Media

Media Accountability Authentication Internet

German police identified a gang that stole €4 million via phishing attacks

Security Affairs

OCTOBER 2, 2022

Germany’s Bundeskriminalamt (BKA) arrested an individual (24) suspected of having stolen €4,000,000 from internet users via phishing attacks along with a two accomplices who are suspected. The victims were informed in these letters that their house bank would change their security system – and their own account would be affected.”

Phishing

Phishing Banking DDOS Accountability

Hundreds of female sports stars and celebrities have their naked photos and videos leaked online

Security Affairs

NOVEMBER 22, 2020

The athletes are now evaluating all the options to have the photos and videos removed from the internet, but they know that it is quite impossible. ” “It can take years to pursue, just to get it taken down from the internet. The NCSC recommends people turn on two-factor authentication where it’s available.”

Authentication

Authentication Passwords Hacking Internet

An educational robot security research

SecureList

FEBRUARY 27, 2024

” For instance, educational robots that connect to the internet and support video calls. ” Interactive features include gaming and educational applications for children, a voice assistant, internet access and connection to the parent app for smartphones. This was the first security-related issue we discovered.

Education

Education Manufacturing Firmware Internet

Law enforcement arrested 8 people that targeted celebrities with SIM swapping attacks

Security Affairs

FEBRUARY 10, 2021

. “NCA Cyber Crime officers, working with agents from the US Secret Service, Homeland Security Investigations, the FBI and the Santa Clara California District Attorney’s Office, uncovered a network of criminals in the UK working together to access victims’ phone numbers and take control of their apps or accounts by changing the passwords.”

Cybercrime

Cybercrime Cryptocurrency Accountability Authentication

16 Remote Access Security Best Practices to Implement

eSecurity Planet

AUGUST 22, 2023

The technologies for secure remote access can range from VPNs and multi-factor authentication to more advanced access and zero trust controls. We’ll cover a range of best practices for remote access security, from the simple and the practical to the more advanced. Avoid using default or simple-to-guess passwords.

Passwords

Passwords Authentication Encryption VPN

A flaw in Dahua IP Cameras allows full take over of the devices

Security Affairs

JULY 31, 2022

. “We’re publishing the details of a new vulnerability (tracked under CVE-2022-30563) affecting the implementation of the Open Network Video Interface Forum (ONVIF) WS-UsernameToken authentication mechanism in some IP cameras developed by Dahua, a very popular manufacturer of IP-based surveillance solutions.”

Surveillance

Surveillance Authentication Telecommunications Manufacturing

Gamblers’ data compromised after casino giant Strendus fails to set password

Security Affairs

NOVEMBER 15, 2023

The Cybernews research team discovered that Strendus, a Mexican-licensed online casino, had left public access to 85GB of its authentication logs, with hundreds of thousands of entries containing private gamblers’ data. IP addresses are used to ensure that internet communications are sent and received by the intended device.

Passwords

Passwords Identity Theft Social Engineering Spyware

Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign

Webinars

Trending Sources

Over 91,000 LG smart TVs running webOS are vulnerable to hacking

Webinars

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

U.S. CISA: hackers breached a state government organization

ShinyHunters hacked Pluto TV service, 3.2M accounts exposed

TroyStealer – A new info stealer targeting Portuguese Internet users

Vishing attacks conducted to steal corporate accounts, FBI warns

Russia-linked APT29 switched to targeting cloud services

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198

Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION

Slickwraps discloses data leak that impacted 850,000 user accounts

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

China-linked threat actors have breached telcos and network service providers

Residential Proxies vs. Datacenter Proxies: Choosing the Right Option

AT&T confirmed that a data breach impacted 73 million customers

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

Why Don’t You Go Dox Yourself?

Top 10 web application vulnerabilities in 2021–2023

A still unpatched zero-day RCE impacts more than 3.5M Exim servers

Announcing the winners of the 2020 GCP VRP Prize

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

FBI warns swatting attacks on owners of smart devices

QNAP users are recommended to disable UPnP port forwarding on routers

MITRE attributes the recent attack to China-linked UNC5221

Airlift Express Fixes Vulnerabilities in Its E-commerce Store

AT&T states that the data breach impacted 51 million former and current customers

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

Five Eyes agencies warn of attacks on MSPs

Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Social marketplace Trustanduse exposes nearly half a million users

German police identified a gang that stole €4 million via phishing attacks

Hundreds of female sports stars and celebrities have their naked photos and videos leaked online

An educational robot security research

Law enforcement arrested 8 people that targeted celebrities with SIM swapping attacks

16 Remote Access Security Best Practices to Implement

A flaw in Dahua IP Cameras allows full take over of the devices

Gamblers’ data compromised after casino giant Strendus fails to set password

Stay Connected