Accountability, Data collection, Document and Social Engineering

Accountability

Data collection

Document

Social Engineering

Threat actors scrape 600 million LinkedIn profiles and are selling the data online – again

Security Affairs

JULY 12, 2021

For the third time in the past four months, LinkedIn seems to have experienced another massive data scrape conducted by a malicious actor. Once again, an archive of data collected from hundreds of millions of LinkedIn user profiles surfaced on a hacker forum, where it’s currently being sold for an undisclosed sum.

Social Engineering

Social Engineering Data collection Media Passwords

Confessions of an ID Theft Kingpin, Part I

Krebs on Security

AUGUST 26, 2020

For several years beginning around 2010, a lone teenager in Vietnam named Hieu Minh Ngo ran one of the Internet’s most profitable and popular services for selling “ fullz ,” stolen identity records that included a consumer’s name, date of birth, Social Security number and email and physical address. ” MICROBILT.

Identity Theft

Identity Theft Computers and Electronics Hacking Accountability

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Freshly scraped LinkedIn data of 88,000 US business owners shared online

Security Affairs

JULY 1, 2021

“Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update,” reads the LinkedIn statement. Read more about the April 2021 LinkedIn scrape: Scraped data of 500 million LinkedIn users being sold online.

Data breaches

Data breaches Social Engineering Data collection Media

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Not the Invasion They Warned Us About: TikTok and the Continued Erosion of Online Privacy

Approachable Cyber Threats

AUGUST 2, 2021

social engineer a mobile provider employee to facilitate a SIM swap). Users must be better protected from the outset, and the only way to ensure that is to impose significant restrictions on data collection and usage by companies seeking to monetize or use it to their asymmetric benefit in any way.

Data collection

Data collection Media Mobile Identity Theft

Doxing in the corporate sector

SecureList

MARCH 29, 2021

Such key positions include the CEO, HR department director, and chief accountant. You might think that this kind of information would be useless for an attack on a company because this personal info is not actually related to the company and contains no data that could actually compromise the company or the account owner.

Identity Theft

Identity Theft Phishing Accountability Banking

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. rar archive files. Dangerous email.

Ransomware

Ransomware Antivirus Malware Banking

Thomson Reuters collected and leaked at least 3TB of sensitive data

Security Affairs

OCTOBER 27, 2022

The naming of ElasticSearch indices inside the Thomson Reuters server suggests that the open instance was used as a logging server to collect vast amounts of data gathered through user-client interaction. That includes documents with corporate and legal information about specific businesses or individuals. Media giant with $6.35

IoT

IoT Engineering Passwords Media

Good game, well played: an overview of gaming-related cyberthreats in 2022

SecureList

SEPTEMBER 6, 2022

One of the most outstanding examples involves $2 million ‘s worth of CS:GO skins stolen from a user’s account , which means that losses can get truly grave. Game over: cybercriminals targeting gamers’ accounts and money. Launching the malware resulted in decryption and activation of a Trojan-stealer dubbed Taurus.

Mobile

Mobile Passwords Software Accountability

Spam and phishing in 2022

SecureList

FEBRUARY 16, 2023

For example, one website offered users to obtain a COVID vaccination certificate by entering their British National Health Service (NHS) account credentials. Scammers abused legitimate survey services by creating polls in the name of various organization to profit from victims’ personal, including sensitive, data.

Phishing

Phishing Scams Accountability Energy and Utilities

Drawing the RedLine – Insider Threats in Cybersecurity

Security Boulevard

MARCH 31, 2022

Data collection from FTP clients, IM clients. In a blog post published on March 22nd, 2022, Microsoft confirmed that one of their user accounts had been compromised by the Lapsus$ (also known as DEV-0537) threat actor, though they claimed that the information accessed was limited and that “no customer code or data was involved”.

Cybersecurity

Cybersecurity Social Engineering Passwords Malware

Privacy predictions 2023

SecureList

NOVEMBER 28, 2022

In the EU, lawmakers are working on the Data Act , meant to further protect sensitive data, as well as a comprehensive AI legal strategy that might put a curb on a range of invasive machine-learning technologies and require greater accountability and transparency. Smartphones will replace more paper documents.

Insurance

Insurance Social Engineering IoT Data breaches

Threat Report Portugal: Q3 & Q4 2022

Security Affairs

APRIL 6, 2023

The Threat Report Portugal: H2 2022 compiles data collected on the malicious campaigns that occurred from July to December, H2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open-sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports

Threat Reports Phishing Malware Banking

APT trends report Q2 2023

SecureList

JULY 27, 2023

Its recent attacks have extended to US healthcare organizations, while also leaking documents from various entities in an effort to cause both psychological and organizational repercussions among its adversaries. Several tools were used to gather documents. The first, “LoFiSe”, packs files into a ZIP archive.

Malware

Malware Government Phishing Social Engineering

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. Although there was a public report of drones used to hack a Wi-Fi network in 2022, there are no accounts of similar events happening in 2023.

Hacking

Hacking Energy and Utilities Media Malware

Cyber Security Informer

Threat actors scrape 600 million LinkedIn profiles and are selling the data online – again

Confessions of an ID Theft Kingpin, Part I

Webinars

Trending Sources

Freshly scraped LinkedIn data of 88,000 US business owners shared online

Webinars

Not the Invasion They Warned Us About: TikTok and the Continued Erosion of Online Privacy

Doxing in the corporate sector

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Thomson Reuters collected and leaked at least 3TB of sensitive data

Good game, well played: an overview of gaming-related cyberthreats in 2022

Spam and phishing in 2022

Drawing the RedLine – Insider Threats in Cybersecurity

Privacy predictions 2023

Threat Report Portugal: Q3 & Q4 2022

APT trends report Q2 2023

Advanced threat predictions for 2024

Stay Connected