Security Affairs

AUGUST 15, 2022

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time.

Encryption 98

Encryption Malware Banking Ransomware 98

Security Affairs

JUNE 13, 2023

A database containing the personal information of more than 8.9 million Zacks Investment Research users was leaked on a cybercrime forum. A database containing personal information of 8,929,503 Zacks Investment Research users emerged on a popular hacking forum on June 10, 2023.

Data breaches 85

Data breaches Passwords Cybercrime Encryption 85

Security Affairs

APRIL 17, 2024

It is a fairly recent improper authorization vulnerability that allows an attacker to reset the Confluence application and create a new administrator account using an unprotected configuration restore endpoint used by the setup wizard.” ” states Cado Security. ” continues the report.

Ransomware 133

Ransomware Encryption Malware Accountability 133

Security Affairs

APRIL 21, 2024

The Akira ransomware operators implement a double extortion model by exfiltrating victims’ data before encrypting it. Earlier versions of the ransomware were written in C++ and the malware added the.akira extension to the encrypted files. In some attacks, threat actors created an administrative account named itadm.

Ransomware 105

Ransomware Encryption Antivirus VPN 105

Security Affairs

NOVEMBER 13, 2021

Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Gets connected network information. Record audio.

Encryption 129

Encryption Malware Media Authentication 129

Security Affairs

SEPTEMBER 2, 2019

Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. The company discovered unauthorized access to its servers, the intruders stole personal information of the users, including usernames , hashed passwords, first and last names, gender information, and city of residenc.

Accountability 83

Accountability Data breaches Passwords Advertising 83

Security Affairs

AUGUST 12, 2019

Researchers discovered a dump containing 6,840,339 records associated with StockX user accounts that surfaced in the cybercrime underground. A threat actor stole details of 6 million users, the stolen data includes user names, email addresses, addresses, shoe size, purchase history, and encrypted passwords (salted MD5).

Accountability 81

Accountability Data breaches Passwords Cybercrime 81

Security Affairs

JANUARY 1, 2024

The MultiLogin endpoint endpoint is an internal mechanism that allows the synchronization of Google accounts across services. This endpoint receives a vector containing account IDs and auth-login tokens for efficiently handling concurrent sessions or seamlessly transitioning between user profiles. ” continues the report.

Malware 130

Malware Penetration Testing Passwords Encryption 130

SecureWorld News

JULY 3, 2023

Human error accounts for 95% of all data breaches. According to PurpleSec, 98% of cybercrime relies on social engineering to accomplish it. Ransomware is malware that encrypts the victim's data and demands a ransom for its decryption. Cybercrime is a highly profitable business. Cybercrime is a highly profitable business.

Cybercrime 87

Cybercrime Social Engineering Data breaches Education 87

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. 8base” file extension for encrypted documents, a circumstance that suggested a possible link to the 8Base group or the use of the same code-base for their ransomware.

Ransomware 124

Ransomware Encryption Backups Manufacturing 124

Security Affairs

FEBRUARY 18, 2024

Datacenter Proxies: Choosing the Right Option CISA adds Roundcube Webmail Persistent XSS bug to its Known Exploited Vulnerabilities catalog Canada Gov plans to ban the Flipper Zero to curb car thefts ExpressVPN leaked DNS requests due to a bug in the split tunneling feature 9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data US (..)

Cybercrime 96

Cybercrime Ransomware Malware Data breaches 96

Security Affairs

APRIL 14, 2023

The threat actors also attempted to sell the stolen data on the BreachForums cybercrime forum that was recently shut down by law enforcement. The account was used to create database backups which were then downloaded and deleted. The account owner has confirmed they did not access the admin console to perform these actions.”

Data breaches 92

Data breaches Backups Passwords Accountability 92

Security Affairs

DECEMBER 21, 2023

The database included the personally identifiable information of Blink Mobility customers and administrators, including: Phone number Email address Encrypted password Registration date Device info and device token Details on subscription and rented vehicles (license plate, VIN, booking start and end location, etc.)

Mobile 104

Mobile Identity Theft Passwords Phishing 104

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. ” continues the report. Pierluigi Paganini.

Encryption 63

Encryption Ransomware Malware Scams 63

Security Affairs

APRIL 30, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime 88

Cybercrime Malware Hacking Accountability 88

Security Affairs

JULY 8, 2021

Guidehouse provides account maintenance services to Morgan Stanley’s StockPlan Connect business, hackers breached its Accellion FTA server and stole information belonging to Morgan Stanley stock plan participants. The company pointed out that exposed files did not contain passwords that could be used to access financial accounts.

Data breaches 120

Data breaches Hacking Banking Financial Services 120

Security Affairs

JANUARY 30, 2024

Kroll researchers reported that the ransomware strain outstands for the use of encryption to protect the ransomware binary. The ransomware identifies user accounts by viewing successful logins in Windows Event Viewer, it also uses a modified variant of the open-source PSnmap Tool.

Ransomware 126

Ransomware Hacking Data breaches Digital transformation 126

Security Affairs

SEPTEMBER 27, 2021

Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.

Cybercrime 125

Cybercrime Hacking Mobile DDOS 125

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. If you use Remote Desktop Protocol (RDP), secure and monitor it. ” reads the alert.

Ransomware 69

Ransomware VPN Cybercrime Accountability 69

Security Affairs

APRIL 9, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter newsletter) The post Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition appeared first on Security Affairs. billion rubles.

Computers and Electronics 81

Computers and Electronics Backups Cybercrime Marketing 81

The Last Watchdog

OCTOBER 24, 2022

. • Create security awareness for employees. One of the most important ways to protect against data breaches is to increase employee security awareness. Employees are the first line of defense against cybercrime and should understand how to recognize phishing emails and what to do if they suspect them. Use a corporate VPN.

Passwords 214

Passwords Security Awareness Data breaches Cybersecurity 214

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. ” GAP #1.

Ransomware 271

Ransomware Healthcare Cybercrime Government 271

Security Affairs

OCTOBER 11, 2022

” The toolkit provides templates for a broad range of targets, including Chinese and Russian organizations, which is quite uncommon in the cybercrime ecosystem. .” ” The toolkit provides templates for a broad range of targets, including Chinese and Russian organizations, which is quite uncommon in the cybercrime ecosystem.

Phishing 89

Phishing Cybercrime Accountability Advertising 89

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 86

Spyware Hacking Malware Social Engineering 86

Security Affairs

APRIL 27, 2023

The encryptor uses a combination of ECDH on Curve25519 (asymmetric encryption) and Chacha20 (symmetric encryption) to encrypt files. The affiliates are obliged to remain active, or their account will be removed after 10 days without notifying them upfront. The group threatens to ban every affiliate who does leak samples.

Encryption 86

Encryption Ransomware Malware Education 86

Security Affairs

AUGUST 6, 2023

Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug Russian APT29 conducts phishing attacks through Microsoft Teams Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks Zero-day in Salesforce email services exploited in targeted Facebook phishing campaign Burger King forgets to put a password (..)

Malware 77

Malware Cybercrime Cryptocurrency Social Engineering 77

Security Affairs

AUGUST 27, 2022

The investigation into the incident revealed that threat actor used a public-facing Citrix server as a point of entry, they likely used a valid account to access this server and perform lateral movements inside the victim’s network. The ransomware was employed in a targeted attack against one of the company’s customers.

Ransomware 97

Ransomware Encryption Accountability Antivirus 97

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts.

Ransomware 97

Ransomware DDOS Passwords Backups 97

Security Affairs

JULY 8, 2023

Google addressed 3 actively exploited flaws in Android Iran-linked APT TA453 targets Windows and macOS systems Bangladesh government website leaked data of millions of citizens A man has been charged with a cyber attack on the Discovery Bay water treatment facility Progress warns customers of a new critical flaw in MOVEit Transfer software CISA and (..)

Firewall 85

Firewall Ransomware Password Management Malware 85

Security Affairs

JULY 10, 2022

Upgrade it now! Unfaithful HackerOne employee steals bug reports to claim additional bounties Threat Report Portugal: Q2 2022 CISA orders federal agencies to patch CVE-2022-26925 by July 22 Tens of Jenkins plugins are affected by zero-day vulnerabilities Microsoft: Raspberry Robin worm already infected hundreds of networks.

Cybercrime 85

Cybercrime Data breaches Ransomware Healthcare 85

Security Affairs

AUGUST 24, 2022

Exposed data includes emails, usernames, and encrypted passwords. In response to the unauthorized access to its database, the company urges all its users to immediately reset account passwords and log out of all devices connected to its service. Long story short, we kindly request that you reset your Plex account password immediately.

Data breaches 106

Data breaches Passwords Media Accountability 106

Security Affairs

OCTOBER 31, 2021

FortiGuard Labs researchers who reported the attacks noticed that the variant of ransomware employed in the attacks not only encrypts certain files but also destroys others. This variant not only encrypts certain files but also destroys others, rendering them unrecoverable.

Ransomware 128

Ransomware Encryption Accountability Mobile 128

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 94

Data breaches Malware Mobile Spyware 94

Security Affairs

MARCH 19, 2020

” According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. locked to the filename of the encrypted files. “Brute force connection attempts on a supervisory console have been observed, as well as on several ACTIVE DIRECTORY accounts.

Government 105

Government Ransomware Encryption Penetration Testing 105

Security Affairs

OCTOBER 16, 2023

. “While visibility by our endpoint solution could have blocked the attack earlier in the attack chain and helped to protect the organization’s devices much sooner, Defender for Endpoint nonetheless successfully prevented the ransomware stage, protecting all onboarded devices in the organization from getting encrypted.”

Engineering 108

Engineering Ransomware Hacking Education 108

Security Affairs

APRIL 13, 2024

The attackers employed multiple fake accounts to add bogus stars, creating an illusion of popularity and trustworthiness.” On April 3rd, the attacker updated the code in one of their repositories, linking to a new URL that downloads a different encrypted.7z The archive contained an executable named feedbackAPI.exe.

Malware 120

Malware Cryptocurrency Encryption Hacking 120

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. This allowed hackers to breach many user accounts. Here are some of them: Strong encryption.

Data breaches 94

Data breaches Passwords Social Engineering Encryption 94