Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 101

Data breaches Social Engineering Malware Hacking 101

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime 93

Cybercrime Spyware Data breaches Antivirus 93

Krebs on Security

SEPTEMBER 4, 2018

Less than a week ago, security researcher Nitish Shah directed KrebsOnSecurity to an open database on the Web that allowed anyone to query up-to-the-minute mSpy records for both customer transactions at mSpy’s site and for mobile phone data collected by mSpy’s software. .” In September 2014, U.S. In September 2014, U.S.

Spyware 193

Spyware Mobile Advertising Software 193

Security Affairs

JANUARY 1, 2024

RESEARCHER DISCOVERED A NEW LOCK SCREEN BYPASS BUG FOR ANDROID 14 AND 13 Researchers discovered a lock screen bypass bug in Android 14 and 13 that could expose sensitive data in users’ Google accounts. TWO SPYWARE SENDING DATA OF MORE THAN 1.5M

Cybersecurity 104

Cybersecurity Spyware Data breaches Passwords 104

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 85

Spyware Hacking Malware Social Engineering 85

Security Affairs

APRIL 2, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Spyware 83

Spyware Surveillance Artificial Intelligence Data breaches 83

Malwarebytes

SEPTEMBER 3, 2023

Last week on Malwarebytes Labs: 2.6 Last week on Malwarebytes Labs: 2.6

Spyware 85

Spyware Scams Data breaches Ransomware 85

Security Affairs

APRIL 22, 2024

The list also includes criminals, suspected terrorists, intelligence operatives and a European spyware firm. Compromised data vary by individuals and organizations, it includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers, and more.

Risk 111

Risk Spyware Hacking Accountability 111

SecureWorld News

NOVEMBER 30, 2023

Consequences of browser-focused cybercrime Hackers are able to utilize browser vulnerabilities to install malware and spyware on devices, steal login credentials for other services, extract sensitive user data, and maintain persistence inside systems. Follow SecureWorld News for more stories related to cybersecurity.

Spyware 88

Spyware Surveillance Malware Risk 88

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 93

Data breaches Malware Mobile Spyware 93

Security Affairs

MARCH 24, 2024

surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices. Is it a Russia’s weapon? Players hacked during the matches of Apex Legends Global Series.

Malware 96

Malware Cybercrime Hacking Cyber threats 96

Security Affairs

AUGUST 7, 2022

of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 119

Spyware Manufacturing Small Business Surveillance 119

Security Affairs

JULY 25, 2021

Kaseya obtained a universal decryptor for REvil ransomware attack Over 80 US Municipalities Sensitive Information, Including Residents Personal Data, Left Vulnerable in Massive Data Breach Threat Report Portugal: Q2 2021 What Is An Identity and Access Management So-lution and How Can Businesses Benefit From It?

Spyware 110

Spyware Data breaches Government Threat Reports 110

Security Affairs

APRIL 16, 2023

hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches 72

Data breaches Spyware Retail Surveillance 72

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 102

DDOS VPN Data breaches Cybercrime 102

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 89

Spyware Surveillance Identity Theft DDOS 89

Security Affairs

MARCH 4, 2023

stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0 FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M

Spyware 82

Spyware Data breaches Retail Ransomware 82

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 71

Spyware Ransomware Malware Data breaches 71

CyberSecurity Insiders

NOVEMBER 1, 2021

Adopting and applying cybersecurity principles can help you secure your company and decrease the danger of a data breach. Use passcodes and anti-spyware programs. Secure passcodes are a mix of numbers, letters, and punctuation marks that increase the safety of all your internet accounts.

Small Business 134

Small Business Cybersecurity Wireless Spyware 134

Security Affairs

FEBRUARY 26, 2024

On February 16th, an account linked to that email uploaded a batch of files including marketing documents, images, screenshots, and a substantial collection of WeChat messages exchanged between I-SOON employees and clients. The alleged data breach revealed the capabilities of the China-linked hacking contractor.

Hacking 104

Hacking Government Spyware Marketing 104

Identity IQ

FEBRUARY 18, 2021

The following vectors represent some of the most common ways a criminal could gain access to your accounts and is also known as an account takeover : Social Engineering. Some hackers even set up rogue hotspots with the sole intention of luring unsuspecting device users and stealing their valuable data. Data Breaches.

Identity Theft 119

Identity Theft Passwords Data breaches Scams 119

Identity IQ

FEBRUARY 21, 2023

The trojan horse can be hidden in software or attachments that, if downloaded, install different spyware and viruses on your device. This spyware and viruses can cause many problems on your device and compromise personal details. You can view your security settings and verify the devices connected to your email account.

Identity Theft 92

Identity Theft Phishing Malware Data breaches 92

Security Affairs

JULY 24, 2022

released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5 is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5

Spyware 89

Spyware Surveillance Insurance Malware 89

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5

Cyber Attacks 81

Cyber Attacks Firewall Data breaches Telecommunications 81

Security Affairs

FEBRUARY 13, 2022

Organizations are addressing zero-day vulnerabilities more quickly, says Google CISA, FBI, NSA warn of the increased globalized threat of ransomware Croatian phone carrier A1 Hrvatska discloses data breach FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities (..)

Spyware 72

Spyware Surveillance Ransomware Hacking 72

Hot for Security

JUNE 14, 2021

A vulnerability in WhatsApp allegedly allows threat actors to install spyware onto iPhones. And with our new Digital Identity Protection , you can check your online accounts against data breaches, find your private information online in legal and illegal collections of data, detect your social media impersonators and more.

Mobile 132

Mobile Malware Spyware Media 132

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Spyware 79

Spyware Backups Manufacturing Data breaches 79

Security Affairs

NOVEMBER 15, 2023

Source: Cybernews Usernames Names Government ID numbers (CURP) Phone numbers Email addresses Home addresses Dates of Birth Gender KYC status IP addresses used to register for an account IP addresses used to log in Deposit amounts Withdrawal amounts Notes on users, submitted by admins and customer support agents.

Passwords 99

Passwords Identity Theft Social Engineering Spyware 99

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 93

Ransomware Hacking Spyware Cybercrime 93

Security Affairs

APRIL 21, 2019

Attackers hacked support agent to access Microsoft Outlook email accounts. Gnosticplayers round 5 – 65 Million+ fresh accounts from 6 security breaches available for sale. Gnosticplayers round 5 – 65 Million+ fresh accounts from 8 security breaches available for sale. Million email accounts without permission.

Computers and Electronics 60

Computers and Electronics Spyware Data breaches Advertising 60

Identity IQ

JULY 17, 2023

Data Breaches : Hackers exploit vulnerabilities in systems to gain access to a large number of user credentials. Malware : Malicious software, such as viruses or spyware, can infect your devices and be used to steal your credentials. Enable Two-Factor Authentication Utilize two-factor authentication (2FA) if it is available.

Identity Theft 52

Identity Theft Password Management Passwords Authentication 52

Identity IQ

JULY 17, 2023

Data Breaches : Hackers exploit vulnerabilities in systems to gain access to a large number of user credentials. Malware : Malicious software, such as viruses or spyware, can infect your devices and be used to steal your credentials. Enable Two-Factor Authentication Utilize two-factor authentication (2FA) if it is available.

Identity Theft 52

Identity Theft Password Management Passwords Authentication 52

Malwarebytes

AUGUST 8, 2023

In this case, LetMeSpy first made notification of the breach in June, with the following message: On June 21, 2023, a security incident occurred involving obtaining unauthorized access to the data of website users. Well, it seems the breach was a step too far for LetMeSpy too. A permanent shutdown will take place in August.

Mobile 87

Mobile Spyware Antivirus Passwords 87

Security Affairs

JULY 13, 2019

Hackers compromised a Canonical GitHub account, Ubuntu source code was not impacted. Maryland Department of Labor discloses a data breach. UK ICO proposes a $123 million fine for Marriott 2014 data breach. New FinFisher spyware used to spy on iOS and Android users in 20 countries.

Data breaches 50

Data breaches Spyware Advertising Government 50

Malwarebytes

SEPTEMBER 1, 2022

Such keyloggers are often used to collect sensitive information, such as account credentials, credit card numbers, social security numbers, and more. In a well-known case, the creator of the FruitFly malware is known to have used passwords obtained from data breaches to gain access to victims' Macs.

Adware 85

Adware Software Spyware Passwords 85

Security Boulevard

MAY 3, 2021

MI5 said the faked LinkedIn accounts are created and operation by nation-state spy agencies, with an intent to recruit individuals or gather sensitive information. You can check if your phone number or email address is part of this Facebook data leak and other data breaches on the Have I Been Pwned website.

Ransomware 124

Ransomware Passwords Scams Government 124

eSecurity Planet

SEPTEMBER 11, 2023

W3LL Phishing Tool Steals Thousands of Microsoft 365 Accounts Type of attack: W3LL, a threat actor, created a phishing kit that can defeat multi-factor authentication (MFA) , which allowed it to infiltrate over 8,000 corporate Microsoft 365 accounts. Also see the Google support page Check & update your Android version.

VPN 111

VPN Firmware Authentication Phishing 111