SecureWorld News

SEPTEMBER 12, 2022

China's National Computer Virus Emergency Response Center (CVERC) recently made a statement accusing the United States National Security Agency (NSA) of repeatedly hacking the Northwestern Polytechnical University, a key public military research university located in Xi'an, China. TAO is a tactical implementation unit of the U.S.

Hacking 90

Hacking Cyber Attacks Government Internet 90

Security Affairs

NOVEMBER 30, 2023

Researchers at AppOms discovered a vulnerability in Zoom Room as part of the HackerOne live hacking event H1-4420. The experts discovered the vulnerability in June 2023, they warned that an attacker can take over a Zoom Room’s service account and gain access to the victim’s organization’s tenant.

Accountability 133

Accountability Hacking Information Security 133

Security Affairs

APRIL 24, 2020

Nintendo has disconnected the NNID legacy login system from main Nintendo profiles after it has discovered a massive account hijacking campaign. The gaming giant Nintendo announced that hackers gained accessed at least 160,000 user accounts as part of an account hijacking campaign since early April. ” reported ZDNet.

Accountability 99

Accountability Passwords Data breaches Advertising 99

Security Affairs

JUNE 4, 2020

The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. “The domain registration information has been amended at around 20:52 on June 1, 2020, and there is no impact on the customer’s assets at this time.”

Accountability 95

Accountability Phishing DNS Cryptocurrency 95

Security Affairs

NOVEMBER 3, 2023

The threat actor was able to use these session tokens to hijack the legitimate Okta sessions of 5 customers, 3 of whom have shared their own response to this event.” ” The three customers who shared their own responses to the event are Cloudflare, 1Password , and BeyondTrust. ” continues the post.

Data breaches 123

Data breaches Social Engineering Accountability Authentication 123

Security Affairs

AUGUST 29, 2023

On May 30, 2023, the vendor provided a Preliminary Summary of Key Findings related to its investigation that includes a timeline of events, Indicators of Compromise (IOCs), and recommended actions for impacted customers. The company notified via the ESG user interface the customers whose appliances they believe were impacted.

Government 107

Government Hacking Malware Accountability 107

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. CYBERCRIMINALS LAUNCHED “LEAKSMAS” EVENT IN THE DARK WEB EXPOSING MASSIVE VOLUMES OF LEAKED PII AND COMPROMISED DATA Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported.

Cybersecurity 110

Cybersecurity Spyware Data breaches Passwords 110

Security Affairs

FEBRUARY 19, 2024

The gang also published several pictures of passports and company documents as proof of the hack. The ransomware identifies user accounts by viewing successful logins in Windows Event Viewer, it also uses a modified variant of the open-source PSnmap Tool. Cactus Ransomware has just posted Schneider Electric.

Ransomware 106

Ransomware Digital transformation Retail Antivirus 106

Security Affairs

AUGUST 19, 2021

“The exploit was partially successful, in that the attacker modified user account data on the systems to prepare for remote code execution. On January 31, 2020 the Bureau receives its second CISA request to investigate the compromised servers and a few days later, on February 5, 2020, the Bureau confirmed that other servers were hacked.

Hacking 117

Hacking Firewall Accountability Technology 117

Security Affairs

APRIL 27, 2024

Brokewell malware supports “accessibility logging,” it records any device events such as touches, swipes, displayed information, text input, and opened applications. The experts explained that potentially all applications on the device are vulnerable to data compromise as Brokewell logs every event.

Malware 111

Malware Spyware Authentication Mobile 111

Security Affairs

OCTOBER 23, 2023

The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts. The City of Philadelphia announced it is investigating a data breach after attackers that threat actors broke some of City email accounts containing personal and protected health information.

Data breaches 111

Data breaches Identity Theft Accountability Scams 111

Security Affairs

NOVEMBER 8, 2023

Security firm Sumo Logic disclosed a security breach after discovering the compromise of its AWS account compromised last week. The company disclosed a security breach after discovering that its AWS account was compromised last week. The company discovered the security breach on Friday, November 3, 2023.

Encryption 105

Encryption Accountability Hacking Cybersecurity 105

Security Affairs

APRIL 3, 2021

Thompson for the security breach. THOMPSON posted about the Capital One hack on GitHub, she exploited a misconfigured web application firewall to get access to the data. On July 17, 2019, Capital One was informed of the incident by a GitHub user who saw the post. SecurityAffairs – hacking, Capital One).

Hacking 72

Hacking Data breaches Banking Small Business 72

Security Affairs

APRIL 3, 2022

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Anonymous claims to have hacked the Russian Orthodox Church ‘s charitable wing and leaked 15 GB of alleged stolen data. Apr 01 – Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked.

DDOS 98

DDOS Hacking Mobile Internet 98

Security Affairs

MARCH 23, 2022

The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Okta confirmed the security breach and revealed that it has impacted 2.5% Security Breach Management. SecurityAffairs – hacking, Okta). We didn’t compromise any laptop? Pierluigi Paganini.

Hacking 94

Hacking Engineering Passwords Data breaches 94

Security Affairs

OCTOBER 17, 2023

Threat actors exploited the recently disclosed zero-day flaw (CVE-2023-20198) in a large-scale hacking campaign on Cisco IOS XE devices. Threat actors have exploited the recently disclosed critical zero-day vulnerability ( CVE-2023-20198 ) to compromise thousands of Cisco IOS XE devices, security firm VulnCheck warns.

Internet 117

Internet Internet Hacking Accountability 117

Security Affairs

DECEMBER 4, 2023

This ominous cyber-event sent shockwaves through the $26 trillion U.S. The ransomware disruption temporarily prevented bank employees from accessing their corporate email accounts and connecting to the Depository Trust and Clearing Corporation to resolve large batches of U.S. trillion under management. Treasury market. Treasury trades.

Ransomware 108

Ransomware Banking Financial Services Marketing 108

Security Affairs

NOVEMBER 29, 2023

The threat actor was able to use these session tokens to hijack the legitimate Okta sessions of 5 customers, 3 of whom have shared their own response to this event.” The three customers who shared their own responses to the event are Cloudflare, 1Password , and BeyondTrust. ” continues the update.

Social Engineering 108

Social Engineering Authentication Engineering Accountability 108

Security Affairs

JANUARY 22, 2024

Attackers often exploit current events or emergency situations to elicit emotional responses and induce victims to act hastily without carefully evaluating the legitimacy of the communications. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”.

Phishing 109

Phishing Education Social Engineering Media 109

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. It does not allow a hacker to access your device or your accounts but it may cause even bigger damage. SecurityAffairs – Internet, hacking).

Hacking 91

Hacking VPN Internet Internet 91

Security Affairs

OCTOBER 16, 2023

The advisory published by the vendor states that the exploitation of the vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.” ” states Cisco Talos.

Accountability 131

Accountability Internet Internet Software 131

Security Affairs

NOVEMBER 15, 2023

PuTTY.exe Rhysida actors have been observed creating Secure Shell (SSH) PuTTy connections for lateral movement. In one example, analysis of PowerShell console host history for a compromised user account revealed Rhysida actors leveraged PuTTy to remotely connect to systems via SSH [ T1021.004 ].

Ransomware 118

Ransomware Manufacturing Healthcare Education 118

Security Affairs

FEBRUARY 13, 2024

the Maine Attorney General’s Office, Bank of America noted that it cannot determine “with certainty what personal information was accessed” during the attack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – Hacking, Bank of America)

Data breaches 110

Data breaches Banking Identity Theft Ransomware 110

Security Affairs

JULY 7, 2021

The cyberattack temporarily blocked the customers’ access to their account information, the cooperative is working to restore the impacted system. We are thankful that no information has been accessed during this event.”. The system maintenance prevents members from accessing their accounts and any payment systems.”

Ransomware 136

Ransomware Accountability Data breaches Hacking 136

Security Affairs

OCTOBER 31, 2023

The advisory published by the vendor states that the exploitation of the vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access.

Internet 128

Internet Internet Software Accountability 128

Security Affairs

MARCH 13, 2022

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. March 11 – Anonymous hacked Roskomnadzor agency revealing Russian disinformation. March 9 – Multiple Russian government websites hacked in a supply chain attack. Is it fake news?

Hacking 87

Hacking DDOS Phishing Malware 87

Security Affairs

JANUARY 15, 2024

Doctor Web has discovered a malicious Linux program that hacks websites based on a WordPress CMS. In the attacks monitored by Sucuri, the injection is added as a handler for the “ sgpbWillOpen ” event that is triggered right before the hijacked popup opens. The malware supports multiple attack vectors and persistence mechanisms.

Malware 115

Malware Hacking Accountability Information Security 115

Security Affairs

APRIL 10, 2022

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing invasion of Ukraine that occurred in the previous weeks: April 8 – Anonymous and the IT ARMY of Ukraine continue to target Russian entities.

Government 93

Government Hacking Accountability Phishing 93

Security Affairs

AUGUST 31, 2023

. “As a result, we believe the risk to individuals whose personal data was involved in this event is low. Nonetheless, a robust review of the files involved was conducted to identify individuals whose personal information may be contained in the files.”

Retail 123

Retail Data breaches Identity Theft Banking 123

Security Affairs

NOVEMBER 9, 2023

Attackers posted details about the Dolly.com hack on a notorious Russian-language forum, typically employed by ransomware operators and stolen data traders. In exchange, the attackers were asked to delete the stolen information. The attack on Dolly.com Dolly.com offers on-demand moving and delivery services in 45 US cities.

Ransomware 115

Ransomware Hacking Backups Accountability 115

Security Affairs

JULY 2, 2022

Security researchers from Horizon3.ai The tool allows monitoring activities of Active Directory and produces alerts and reporting for one or more desired Active Directory change events. The unauthenticated remote code execution vulnerability was discovered by security researcher Naveen Sunkavally at Horizon3.ai

Authentication 98

Authentication Accountability Hacking Software 98

Security Affairs

FEBRUARY 8, 2024

“The group also relies on valid accounts and leverage strong operational security, which combined, allows for long-term undiscovered persistence. The Volt Typhoon’s activities suggest that the group primarily aims to establish a foothold within networks to secure access to Operational Technology (OT) assets.

Energy and Utilities 112

Energy and Utilities VPN Manufacturing Firewall 112

Security Affairs

OCTOBER 26, 2022

“See Tickets was alerted to activity indicating potential unauthorized access by a third party to certain event checkout pages on the See Tickets website in April 2021. “On September 12, 2022, we determined the event may have resulted in unauthorized access to the payment card information of certain of our customers.

Data breaches 88

Data breaches Banking Malware Hacking 88

Security Affairs

AUGUST 26, 2023

Source Twitter account @leak_ix In response to the incident, the company took down some of the impacted systems to contain the threat, it also launched an investigation into the incident. In response to this event, we’ve taken quick and determined steps to reduce potential risks. ” reads the notice.

Cyber Attacks 92

Cyber Attacks Hacking Cybersecurity Accountability 92

Security Affairs

JULY 13, 2023

Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) on July 12, 2023 have published a joint advisory to warn organizations and allow them to enhance organizational cybersecurity posture and position organizations to detect similar malicious activity via implementing the listed logging recommendations.

Government 73

Government Accountability Authentication Hacking 73

Security Affairs

FEBRUARY 24, 2024

Messaging services use classical public key cryptography, such as RSA, Elliptic Curve signatures, and Diffie-Hellman key exchange, to establish secure end-to-end encrypted connections between devices. Post-quantum computing refers to events that follow the development of quantum computers.

Encryption 122

Encryption Authentication Hacking Accountability 122

Security Affairs

APRIL 17, 2023

Unit42 researchers were able to recover the script from the Windows Event Log (WEL). The script identifies any mounted drives on the target system by using Windows Management Instrumentation (WMI) , then iterates through the identified drives to prepare data exfiltration via HTTP POST events using the object’s.UploadFile method.

Ransomware 92

Ransomware Backups Education Media 92