Security Affairs

OCTOBER 20, 2021

According to Google’s Threat Analysis Group (TAG) researchers, who spotted the campaign, the attacks were launched by multiple hack-for-hire actors recruited on Russian-speaking forums. The researchers identified around 15,000 actor accounts, most of which were created for this campaign. Pierluigi Paganini.

Accountability 126

Accountability Malware Phishing Social Engineering 126

Security Affairs

JANUARY 24, 2023

GoTo is notifying customers that its development environment was breached in November 2022, attackers stole customers’ backups and encryption key. “Upon learning of the incident, we immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement. . ” continues the notice.

Backups 90

Backups Encryption Data breaches Passwords 90

Security Affairs

MARCH 3, 2021

A researcher received a $50,000 bug bounty by Microsoft for having reported a vulnerability that could’ve allowed to hijack any account. Microsoft has awarded the security researcher Laxman Muthiyah $50,000 for reporting a vulnerability that could have allowed anyone to hijack users’ accounts without consent.

Accountability 111

Accountability Passwords Encryption Mobile 111

Security Affairs

OCTOBER 15, 2020

The Video conferencing platform Zoom announced the implementation of end-to-end encryption (E2EE) and its availability starting next week. The popular Video conferencing platform Zoom announced the availability of the end-to-end encryption (E2EE) starting next week. SecurityAffairs – hacking, Zoom). Pierluigi Paganini.

Encryption 102

Encryption Advertising Accountability Hacking 102

Security Affairs

APRIL 4, 2023

A new ransomware strain named Rorschach ransomware supports the fastest file-encrypting routine observed to date. The researchers conducted five separate encryption speed tests in a controlled environment (with 6 CPUs, 8192MB RAM, SSD, and 220000 files to be encrypted), limited to local drive encryption only.

Encryption 89

Encryption Ransomware Malware Backups 89

Security Affairs

NOVEMBER 11, 2020

In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems. SecurityAffairs – hacking, Ragnar Locker ransomware). 3 that its computer systems had been sidelined by a malware attack.”

Advertising 125

Advertising Hacking Ransomware Accountability 125

Security Affairs

AUGUST 7, 2022

Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account. Tutanota is an end-to-end encrypted email app and a freemium secure email service, as of March 2017, Tutanota’s owners claimed to have over 2 million users. SecurityAffairs – hacking, Microsoft). Pierluigi Paganini.

Accountability 97

Accountability Marketing Encryption Hacking 97

Security Affairs

APRIL 21, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware operators implement a double extortion model by exfiltrating victims’ data before encrypting it.

Ransomware 105

Ransomware Encryption Antivirus VPN 105

Security Affairs

APRIL 29, 2023

xyz pic.twitter.com/VLhISark8Y — Goldwave (@OGoldwave) March 13, 2023 The variant employed in the campaign supports a more sophisticated encryption method of byte remapping and a monthly rotation of the C2 server. #ViperSoftX is back, doesn't look like much has changed. c2 arrowlchat[.]com ” concludes the report.

Encryption 87

Encryption Malware Cryptocurrency Software 87

Security Affairs

SEPTEMBER 13, 2021

Facebook announced it will allow WhatsApp users to encrypt their message history backups in the cloud. Facebook will continue to work to protect the privacy of WhatsApp users and announced that it will allow users to encrypt their message history backups in the cloud. SecurityAffairs – hacking, E2EE). Pierluigi Paganini.

Backups 80

Backups Encryption Passwords Accountability 80

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The security breach was first reported by BleepingComputer that also shared a copy of the data breach notification letter sent to the impacted customers.

Data breaches 120

Data breaches Hacking Banking Financial Services 120

Security Affairs

AUGUST 15, 2022

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. SecurityAffairs – hacking, SOVA Android banking malware).

Encryption 98

Encryption Malware Banking Ransomware 98

Security Affairs

SEPTEMBER 19, 2020

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. SecurityAffairs – hacking, Tutanota).

DDOS 140

DDOS Encryption DNS Advertising 140

Security Affairs

NOVEMBER 12, 2020

The popular children’s online playground Animal Jam has suffered a data breach that affected more than 46 million accounts. Animal Jam has suffered a data breach impacting 46 million accounts belonging to children and parents who signed up for the game. . records include the birth year the player entered at account creation 23.9M

Data breaches 120

Data breaches Accountability Passwords Encryption 120

Security Affairs

AUGUST 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Sophos researchers observed in May the threat actor using compromised Cisco VPN accounts to breach target networks.

VPN 88

VPN Ransomware Hacking Education 88

Security Affairs

SEPTEMBER 19, 2022

The new attacks suggest the hacking group is back in action. “The shell script is cloning a GitHub project from what seems to be a TeamTNT account. “Breaking the cryptographic encryption is considered “Mission: Impossible”. SecurityAffairs – hacking, cryptomining). ” continue the experts.

Encryption 95

Encryption Cybercrime Hacking Malware 95

Security Affairs

APRIL 17, 2024

It is a fairly recent improper authorization vulnerability that allows an attacker to reset the Confluence application and create a new administrator account using an unprotected configuration restore endpoint used by the setup wizard.” ” states Cado Security. ” continues the report.

Ransomware 133

Ransomware Encryption Malware Accountability 133

Security Affairs

MAY 27, 2021

The feds uncovered the attack in May 2021, government experts reported that the threat actors likely created an account with the username “elie” to gain persistence on the network. Experts noticed that the APT group established new user accounts that look similar to other existing accounts on the network. municipal government.”

VPN 121

VPN Government Hacking Accountability 121

Security Affairs

JANUARY 1, 2024

The MultiLogin endpoint endpoint is an internal mechanism that allows the synchronization of Google accounts across services. This endpoint receives a vector containing account IDs and auth-login tokens for efficiently handling concurrent sessions or seamlessly transitioning between user profiles. ” continues the report.

Malware 130

Malware Penetration Testing Passwords Encryption 130

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. The fact that there are so many different APIs is the main challenge for enterprises when it comes to API security.

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

Security Affairs

NOVEMBER 13, 2021

Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Gets connected network information. Record audio.

Encryption 129

Encryption Malware Media Authentication 129

Security Affairs

FEBRUARY 12, 2024

Public Wi-Fi users are prime targets for MITM attacks because the information they send is often not encrypted, meaning it’s easy for hackers to access your data. They might even lock you out of your own accounts by resetting your passwords. Once they’re in, they can grab your emails, usernames, passwords, and more.

DNS 123

DNS VPN Encryption Passwords 123

Security Affairs

JUNE 28, 2020

Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack. ” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media 141

Media Hacking Passwords Data breaches 141

Security Affairs

FEBRUARY 19, 2024

The gang also published several pictures of passports and company documents as proof of the hack. The ransomware identifies user accounts by viewing successful logins in Windows Event Viewer, it also uses a modified variant of the open-source PSnmap Tool. Cactus Ransomware has just posted Schneider Electric.

Ransomware 103

Ransomware Digital transformation Retail Antivirus 103

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. 8base” file extension for encrypted documents, a circumstance that suggested a possible link to the 8Base group or the use of the same code-base for their ransomware.

Ransomware 124

Ransomware Encryption Backups Manufacturing 124

Security Affairs

JULY 14, 2020

.” According to the company, attackers accessed personal details of the users, including names, email addresses, mailing addresses, phone numbers, and also encrypted passwords. The company confirmed that the an investigation into the hack is still ongoing. SecurityAffairs – hacking, LiveAuctioneers ). Pierluigi Paganini.

Hacking 99

Hacking Data breaches Identity Theft Advertising 99

Security Affairs

FEBRUARY 24, 2024

Messaging services use classical public key cryptography, such as RSA, Elliptic Curve signatures, and Diffie-Hellman key exchange, to establish secure end-to-end encrypted connections between devices. However, researchers believe that a sufficiently powerful quantum computer could compromise of end-to-end encrypted communications.

Encryption 119

Encryption Authentication Hacking Accountability 119

Security Affairs

DECEMBER 18, 2023

Some info stealers may use encryption techniques to hide their communication with command-and-control servers, making it more challenging for security systems to detect malicious activities. Bank logs : These are sets of data containing sensitive information about a bank account.

Banking 114

Banking Cybercrime Malware Accountability 114

Security Affairs

OCTOBER 19, 2020

“The intruder was able to access forum user profiles, which include the e-mail addresses connected to those forum accounts. On top of that, the attacker gained access to encrypted passwords (in technical terms: hashed and salted passwords).” SecurityAffairs – hacking, Albion Online). Pierluigi Paganini.

Hacking 103

Hacking Data breaches Passwords Advertising 103

Security Affairs

NOVEMBER 8, 2023

Security firm Sumo Logic disclosed a security breach after discovering the compromise of its AWS account compromised last week. The company disclosed a security breach after discovering that its AWS account was compromised last week. The company discovered the security breach on Friday, November 3, 2023.

Encryption 102

Encryption Accountability Hacking Cybersecurity 102

SecureWorld News

SEPTEMBER 12, 2022

China's National Computer Virus Emergency Response Center (CVERC) recently made a statement accusing the United States National Security Agency (NSA) of repeatedly hacking the Northwestern Polytechnical University, a key public military research university located in Xi'an, China. TAO is a tactical implementation unit of the U.S.

Hacking 90

Hacking Cyber Attacks Government Internet 90

Security Affairs

OCTOBER 16, 2023

Microsoft thwarted a large-scale hacking campaign carried out by Akira ransomware operators targeting an unknown industrial organization. Microsoft Defender capabilities prevented breached accounts were being used to access endpoints and other resources in the network. ” reads the analysis published by Microsoft.

Engineering 108

Engineering Ransomware Hacking Education 108

Security Affairs

JANUARY 8, 2024

file exposed information that attackers could employ for lateral movement within the ministry’s systems, potentially escalating to anything from account takeover to a ransomware attack. file leaked several types of database credentials, mail credentials, and data encryption keys. Meanwhile, the now-closed MIM’s env.

Government 122

Government Identity Theft Social Engineering Encryption 122

Security Affairs

JUNE 13, 2023

A database containing the personal information of more than 8.9 A database containing personal information of 8,929,503 Zacks Investment Research users emerged on a popular hacking forum on June 10, 2023. Customers are also recommended to monitor financial accounts and consumer credit reports. ” reported HIBP.

Data breaches 85

Data breaches Passwords Cybercrime Encryption 85

Security Affairs

AUGUST 12, 2019

Researchers discovered a dump containing 6,840,339 records associated with StockX user accounts that surfaced in the cybercrime underground. Last week media reported the hack of StockX , the fashion and sneaker trading platform. Now a dump containing 6,840,339 unique StockX user accounts surfaced in the cybercrime underground.

Accountability 81

Accountability Data breaches Passwords Cybercrime 81

Security Affairs

DECEMBER 19, 2022

. “The actors customized previous ransomware binaries for the intended victim through the use of confidential information such as leaked accounts and unique company IDs as the appended file extension. Upon further analysis, we have learned that these flags are used for intermittent encryption.” Pierluigi Paganini.

Ransomware 124

Ransomware Encryption Healthcare Education 124

Security Affairs

JUNE 2, 2021

There was no need for a password or login credentials to access the information, and the data was not encrypted. The leak has since been secured. Feedback message data contained Account id, feedback rating given, and users’ email addresses. SecurityAffairs – hacking, AMT Games ). What’s Happening?

Data breaches 108

Data breaches Accountability Mobile Phishing 108