Security Affairs

MARCH 24, 2024

surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices. Is it a Russia’s weapon? Players hacked during the matches of Apex Legends Global Series.

Malware 100

Malware Cybercrime Hacking Cyber threats 100

Security Affairs

AUGUST 7, 2022

of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 The post Security Affairs newsletter Round 377 appeared first on Security Affairs.

Spyware 124

Spyware Manufacturing Small Business Surveillance 124

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 93

Data breaches Malware Mobile Spyware 93

Security Affairs

APRIL 16, 2023

hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches 72

Data breaches Spyware Retail Surveillance 72

Security Affairs

MARCH 4, 2023

stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0 FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M

Spyware 83

Spyware Data breaches Retail Ransomware 83

Security Affairs

FEBRUARY 26, 2024

On February 16th, an account linked to that email uploaded a batch of files including marketing documents, images, screenshots, and a substantial collection of WeChat messages exchanged between I-SOON employees and clients. The alleged data breach revealed the capabilities of the China-linked hacking contractor.

Hacking 109

Hacking Government Spyware Marketing 109

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 72

Spyware Ransomware Malware Data breaches 72

Security Affairs

JULY 24, 2022

ransom and sued its insurance firm for refusing to cover this payment Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever Google is going to remove App Permissions List from the Play Store Security Affairs newsletter Round 374 by Pierluigi Paganini APT groups target journalists and media organizations since 2021.

Spyware 91

Spyware Surveillance Insurance Malware 91

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5

Cyber Attacks 84

Cyber Attacks Firewall Data breaches Telecommunications 84

Security Affairs

FEBRUARY 13, 2022

Organizations are addressing zero-day vulnerabilities more quickly, says Google CISA, FBI, NSA warn of the increased globalized threat of ransomware Croatian phone carrier A1 Hrvatska discloses data breach FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities (..)

Spyware 72

Spyware Surveillance Ransomware Hacking 72

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Spyware 81

Spyware Backups Manufacturing Data breaches 81

Security Affairs

NOVEMBER 15, 2023

Source: Cybernews Usernames Names Government ID numbers (CURP) Phone numbers Email addresses Home addresses Dates of Birth Gender KYC status IP addresses used to register for an account IP addresses used to log in Deposit amounts Withdrawal amounts Notes on users, submitted by admins and customer support agents.

Passwords 104

Passwords Identity Theft Social Engineering Spyware 104

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 97

Ransomware Hacking Spyware Cybercrime 97

Security Affairs

JULY 13, 2019

Hackers compromised a Canonical GitHub account, Ubuntu source code was not impacted. Maryland Department of Labor discloses a data breach. UK ICO proposes a $123 million fine for Marriott 2014 data breach. New FinFisher spyware used to spy on iOS and Android users in 20 countries.

Data breaches 52

Data breaches Spyware Advertising Government 52

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles.

Ransomware 124

Ransomware Passwords Scams Government 124

Security Affairs

AUGUST 25, 2019

Twitter bans 936 accounts that attempted to sow political discord in Hong Kong. App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice. million to allow towns to access encrypted data. Mastercard data breach affected Priceless Specials loyalty program. Texas attackers demand $2.5

Small Business 51

Small Business Spyware Data breaches Advertising 51

Security Affairs

APRIL 2, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Spyware 84

Spyware Surveillance Artificial Intelligence Data breaches 84

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 106

DDOS VPN Data breaches Cybercrime 106

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 93

Spyware Surveillance Identity Theft DDOS 93

Cytelligence

FEBRUARY 25, 2023

Cybersecurity refers to the set of technologies, processes, and practices designed to protect digital devices, networks, and data from cyber threats. With the increase in the number of cyber-attacks and data breaches, it has become essential to take cybersecurity seriously.

Cyber Attacks 52

Cyber Attacks IoT Authentication Antivirus 52

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime 97

Cybercrime Spyware Data breaches Antivirus 97

ForAllSecure

AUGUST 14, 2019

The ability to get information from clouds that are normally thought secure, notably Apple's iCloud, is new for Pegasus. Reports suggest that smishing is one possible attack vector for the spyware. The attackers are using administrative privileges to create fraudulent student accounts. Pegasus is pricey.

Energy and Utilities 52

Energy and Utilities Penetration Testing Government Education 52

ForAllSecure

AUGUST 14, 2019

The ability to get information from clouds that are normally thought secure, notably Apple's iCloud, is new for Pegasus. Reports suggest that smishing is one possible attack vector for the spyware. The attackers are using administrative privileges to create fraudulent student accounts. Pegasus is pricey.

Energy and Utilities 40

Energy and Utilities Penetration Testing Government Education 40

ForAllSecure

AUGUST 14, 2019

The ability to get information from clouds that are normally thought secure, notably Apple's iCloud, is new for Pegasus. Reports suggest that smishing is one possible attack vector for the spyware. The attackers are using administrative privileges to create fraudulent student accounts. Pegasus is pricey.

Energy and Utilities 40

Energy and Utilities Penetration Testing Government Education 40

Security Affairs

JUNE 30, 2019

Cisco addressed critical flaws in Cisco Data Center Network Manager. Flaws in EA Games Login exposed accounts of 300 Million Gamers to hack. Italian data protection watchdog fines Facebook over Cambridge Analytica scandal. Regin spyware involved in attack against the Russian tech giant Yandex.

B2B 64

B2B Cryptocurrency Spyware Hacking 64