Accountability, Event and Information Security

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Security Affairs

DECEMBER 28, 2023

It will inevitably result in them facing a host of adverse effects, such as account takeovers (ATO), business email compromises (BEC), identity theft, and financial fraud. This widespread geographical distribution of “Free Leaksmas” event highlights the extensive global reach and severe impact of these cybercriminal activities.

Identity Theft

Identity Theft Data breaches Government Hacking

Ransomware gangs target companies involved in time-sensitive financial events, FBI warns

Security Affairs

NOVEMBER 2, 2021

The FBI warns of ransomware attacks on businesses involved in “time-sensitive financial events” such as corporate mergers and acquisitions. Ransomware gangs target these companies because there is a high likelihood that they will pay the ransom to avoid the impact of the disclosure of sensitive data during these events.

Ransomware

Ransomware Hacking Accountability Cybercrime

USENIX Security ’23 – ‘“It’s The Equivalent of Feeling Like You’re In Jail”: Lessons From Firsthand & Secondhand Accounts Of IoT-Enabled Intimate Partner Abuse’

Security Boulevard

DECEMBER 23, 2023

Full Presenter List: Sophie Stephenson, Majed Almansoori, Pardis Emami-Naeini, Rahul Chatterjee Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access.

IoT

IoT Accountability Architecture Education

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Security Affairs

NOVEMBER 6, 2023

Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, it was developed red teaming activities. “To use GRC, only a Gmail account is required.” “The script creates a ‘Covert Channel’ by exploiting the event descriptions in Google Calendar.

Accountability

Accountability Hacking Information Security Malware

Nintendo admitted that hackers have breached 300,000 accounts

Security Affairs

JUNE 10, 2020

Japanese gaming giant Nintendo has confirmed that hackers have breached 300,000 accounts since early April, financial data were not exposed. The Japanese video game giant Nintendo has admitted that threat actors have breached 300,000 accounts since early April. ” reads a post published by the CNN. Pierluigi Paganini.

Accountability

Accountability Advertising Passwords Hacking

SJW Group Appoints James P. Lynch as Chief Accounting Officer, Andrew Walters as Chief Financial Officer; San Jose Water Appoints Peter Fletcher as Vice President – Information Security Officer

CyberSecurity Insiders

JANUARY 28, 2022

Lynch as chief accounting officer and Andrew F. Peter Fletcher has been appointed vice president – information security officer of San Jose Water Co., Lynch has an extensive accounting and auditing background, with a 26-year career at KPMG LLP that included responsibilities as an audit partner. About SJW Group.

Information Security

Information Security Accountability Marketing Risk

Nintendo confirms that hackers might have hijacked 160,000 user accounts

Security Affairs

APRIL 24, 2020

Nintendo has disconnected the NNID legacy login system from main Nintendo profiles after it has discovered a massive account hijacking campaign. The gaming giant Nintendo announced that hackers gained accessed at least 160,000 user accounts as part of an account hijacking campaign since early April. ” reported ZDNet.

Accountability

Accountability Passwords Data breaches Advertising

Hackers hijacked Coincheck ‘s domain registrar account and targeted some users

Security Affairs

JUNE 4, 2020

The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. “The domain registration information has been amended at around 20:52 on June 1, 2020, and there is no impact on the customer’s assets at this time.”

Accountability

Accountability Phishing DNS Cryptocurrency

Critical Zoom Room bug allowed to gain access to Zoom Tenants

Security Affairs

NOVEMBER 30, 2023

Researchers at AppOms discovered a vulnerability in Zoom Room as part of the HackerOne live hacking event H1-4420. The experts discovered the vulnerability in June 2023, they warned that an attacker can take over a Zoom Room’s service account and gain access to the victim’s organization’s tenant.

Accountability

Accountability Hacking Information Security

Okta customer support system breach impacted 134 customers

Security Affairs

NOVEMBER 3, 2023

The threat actor was able to use these session tokens to hijack the legitimate Okta sessions of 5 customers, 3 of whom have shared their own response to this event.” ” The three customers who shared their own responses to the event are Cloudflare, 1Password , and BeyondTrust. ” continues the post.

Data breaches

Data breaches Social Engineering Accountability Authentication

“Accountability framework” proposed to promote secure health care practices

SC Magazine

MARCH 11, 2021

In response, the non-profit has offered a glimpse into its work-in-progress “Accountability Framework,” designed to help relevant health care stakeholders take responsibility for keeping cyberspace secure by enforcing behavioral norms and also by understanding and rooting out the underlying causes when attacks do happen. “Too

Accountability

Accountability Healthcare Government CISO

Brokewell Android malware supports an extensive set of Device Takeover capabilities

Security Affairs

APRIL 27, 2024

Brokewell malware supports “accessibility logging,” it records any device events such as touches, swipes, displayed information, text input, and opened applications. The experts explained that potentially all applications on the device are vulnerable to data compromise as Brokewell logs every event.

Malware

Malware Spyware Authentication Mobile

City of Philadelphia suffers a data breach

Security Affairs

OCTOBER 23, 2023

The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts. The City of Philadelphia announced it is investigating a data breach after attackers that threat actors broke some of City email accounts containing personal and protected health information.

Data breaches

Data breaches Identity Theft Accountability Scams

Dunkin Donuts Forced to 'Fill Security Holes' in Data Breach Settlement

SecureWorld News

SEPTEMBER 17, 2020

According to state investigators, Dunkin' Donuts failed to respond to a series of successful cyber attacks that left tens of thousands of customer's online accounts vulnerable. Now the company is being forced to take certain information security measures and pay a $650,000 fine to the state of New York.

Data breaches

Data breaches Accountability Cyber Attacks Cybersecurity

Sumo Logic discloses security breach and recommends customers rotate credentials

Security Affairs

NOVEMBER 8, 2023

Security firm Sumo Logic disclosed a security breach after discovering the compromise of its AWS account compromised last week. The company disclosed a security breach after discovering that its AWS account was compromised last week. The company discovered the security breach on Friday, November 3, 2023.

Encryption

Encryption Accountability Hacking Cybersecurity

CPDP 2021 – Moderator: Eduard Fosch-Villaronga ‘Artountability: Accountability, Ai And Art’

Security Boulevard

MAY 8, 2021

The post CPDP 2021 – Moderator: Eduard Fosch-Villaronga ‘Artountability: Accountability, Ai And Art’ appeared first on Security Boulevard. Our sincere thanks to CPDP 2021 - Computers, Privacy & Data Protection Conference for publishing their well-crafted videos on the organization's YouTube channel.

Accountability

Accountability Education InfoSec Information Security

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

Krebs on Security

OCTOBER 5, 2022

The fabricated LinkedIn identities — which pair AI-generated profile photos with text lifted from legitimate accounts — are creating major headaches for corporate HR departments and for those managing invite-only LinkedIn groups. Another “swarm” of LinkedIn bot accounts flagged by Taylor’s group.

Accountability

Accountability Scams Artificial Intelligence Cryptocurrency

“My Slice”, an Italian adaptive phishing campaign

Security Affairs

JANUARY 22, 2024

Attackers often exploit current events or emergency situations to elicit emotional responses and induce victims to act hastily without carefully evaluating the legitimacy of the communications. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”.

Phishing

Phishing Education Social Engineering Media

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

The Last Watchdog

FEBRUARY 15, 2021

Companies must take this into account and consider extending employee training to also promote security and privacy habits among all family members, especially children. Companies can promote family online safety with family-focused materials, events, and outreach. Host virtual events? Do you have a corporate book club?

Education

Education CISO Security Awareness Cybersecurity

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

PuTTY.exe Rhysida actors have been observed creating Secure Shell (SSH) PuTTy connections for lateral movement. In one example, analysis of PowerShell console host history for a compromised user account revealed Rhysida actors leveraged PuTTy to remotely connect to systems via SSH [ T1021.004 ].

Ransomware

Ransomware Healthcare Manufacturing Education

Cisco warns of active exploitation of IOS XE zero-day

Security Affairs

OCTOBER 16, 2023

The advisory published by the vendor states that the exploitation of the vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.” ” states Cisco Talos.

Accountability

Accountability Internet Internet Software

Cactus ransomware gang claims the Schneider Electric hack

Security Affairs

JANUARY 30, 2024

The ransomware identifies user accounts by viewing successful logins in Windows Event Viewer, it also uses a modified variant of the open-source PSnmap Tool. Cactus ransomware uses the SoftPerfect Network Scanner (netscan) to look for other targets on the network along with PowerShell commands to enumerate endpoints.

Ransomware

Ransomware Hacking Data breaches Digital transformation

Okta reveals additional attackers’ activities in October 2023 Breach

Security Affairs

NOVEMBER 29, 2023

The threat actor was able to use these session tokens to hijack the legitimate Okta sessions of 5 customers, 3 of whom have shared their own response to this event.” The three customers who shared their own responses to the event are Cloudflare, 1Password , and BeyondTrust. ” continues the update.

Social Engineering

Social Engineering Authentication Engineering Accountability

Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool

Security Affairs

JULY 2, 2022

Security researchers from Horizon3.ai The tool allows monitoring activities of Active Directory and produces alerts and reporting for one or more desired Active Directory change events. The unauthenticated remote code execution vulnerability was discovered by security researcher Naveen Sunkavally at Horizon3.ai

Authentication

Authentication Accountability Hacking Software

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Security Affairs

DECEMBER 4, 2023

This ominous cyber-event sent shockwaves through the $26 trillion U.S. The ransomware disruption temporarily prevented bank employees from accessing their corporate email accounts and connecting to the Depository Trust and Clearing Corporation to resolve large batches of U.S. trillion under management. Treasury market. Treasury trades.

Ransomware

Ransomware Banking Financial Services Marketing

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Enforce strong passwords and implement multi-factor authentication (MFA) — by educating users about using a unique password for each account and enforcing higher security for privileged accounts (administrators, root). Accounting for humans. •Educate your employees on threats and risks such as phishing and malware.

Cybersecurity

Cybersecurity Cybercrime Education Passwords

Bank of America customer data compromised after a third-party services provider data breach

Security Affairs

FEBRUARY 13, 2024

the Maine Attorney General’s Office, Bank of America noted that it cannot determine “with certainty what personal information was accessed” during the attack. .” On February 1, Bank of America started notifying 57028 customers impacted by the data breach.

Data breaches

Data breaches Banking Identity Theft Ransomware

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

FEBRUARY 19, 2024

The ransomware identifies user accounts by viewing successful logins in Windows Event Viewer, it also uses a modified variant of the open-source PSnmap Tool. Cactus ransomware uses the SoftPerfect Network Scanner (netscan) to look for other targets on the network along with PowerShell commands to enumerate endpoints.

Ransomware

Ransomware Digital transformation Retail Antivirus

CPDP 2021 – Moderator: Eduard Fosch-Villaronga ‘Artountability: Accountability, AI, And Art’

Security Boulevard

MAY 11, 2021

The post CPDP 2021 – Moderator: Eduard Fosch-Villaronga ‘Artountability: Accountability, AI, And Art’ appeared first on Security Boulevard. Our sincere thanks to CPDP 2021 - Computers, Privacy & Data Protection Conference for publishing their well-crafted videos on the organization's YouTube channel.

Accountability

Accountability Education InfoSec Information Security

Data Breach at Legal Service Provider May Have Compromised Health Info of 36,000 Patients in Pittsburgh

Hot for Security

FEBRUARY 9, 2021

(CJH) is alerting more than 36,000 UPMC patients that some of their personal data may have been inappropriately accessed as the result of an information security breach at the company,” the notice reads. “This event did not occur at UPMC or affect the security of its electronic patient records or other computer systems.”

Data breaches

Data breaches Identity Theft Computers and Electronics Insurance

Wiregrass Electric Cooperative hit by a ransomware attack

Security Affairs

JULY 7, 2021

The cyberattack temporarily blocked the customers’ access to their account information, the cooperative is working to restore the impacted system. We are thankful that no information has been accessed during this event.”. The system maintenance prevents members from accessing their accounts and any payment systems.”

Ransomware

Ransomware Accountability Data breaches Hacking

See Tickets discloses data breach, customers’ credit card data exposed

Security Affairs

OCTOBER 26, 2022

“See Tickets was alerted to activity indicating potential unauthorized access by a third party to certain event checkout pages on the See Tickets website in April 2021. “On September 12, 2022, we determined the event may have resulted in unauthorized access to the payment card information of certain of our customers.

Data breaches

Data breaches Banking Malware Hacking

CVE-2023-20198 zero-day widely exploited to install implants on Cisco IOS XE systems

Security Affairs

OCTOBER 17, 2023

The advisory published by the vendor states that the exploitation of the vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access.

Internet

Internet Internet Hacking Accountability

A new SharkBot variant bypassed Google Play checks again

Security Affairs

SEPTEMBER 5, 2022

The researchers found two SharkbotDopper apps in Google Play Store, “Mister Phone Cleaner” and “Kylhavy Mobile Security,” with 10K and 50K installs respectively. SharkBot is a banking trojan that has been active since October 2021, it allows to steal banking account credentials and bypass multi-factor authentication mechanisms.

Banking

Banking Malware Mobile Accountability

Security BSides Athens 2021 – Talk 8: Leonidas Tsaousis’ ‘Click Here For Free TV! Chaining Bugs To Takeover Wind Vision Account’

Security Boulevard

AUGUST 5, 2021

Our thanks to Security BSides Athens for publishing their outstanding Security BSides Athens 2021 Conference videos on the groups' YouTube channel. The post Security BSides Athens 2021 – Talk 8: Leonidas Tsaousis’ ‘Click Here For Free TV!

Accountability

Accountability Education InfoSec Information Security

Vice Society gang is using a custom PowerShell tool for data exfiltration

Security Affairs

APRIL 17, 2023

Unit42 researchers were able to recover the script from the Windows Event Log (WEL). The script identifies any mounted drives on the target system by using Windows Management Instrumentation (WMI) , then iterates through the identified drives to prepare data exfiltration via HTTP POST events using the object’s.UploadFile method.

Ransomware

Ransomware Backups Education Media

Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflict

Security Affairs

APRIL 10, 2022

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing invasion of Ukraine that occurred in the previous weeks: April 8 – Anonymous and the IT ARMY of Ukraine continue to target Russian entities.

Government

Government Hacking Accountability Phishing

Fashion retailer Forever 21 data breach impacted +500,000 individuals

Security Affairs

AUGUST 31, 2023

. “As a result, we believe the risk to individuals whose personal data was involved in this event is low. Nonetheless, a robust review of the files involved was conducted to identify individuals whose personal information may be contained in the files.”

Retail

Retail Data breaches Identity Theft Banking

Mar 27 – Apr 02 Ukraine – Russia the silent cyber conflict

Security Affairs

APRIL 3, 2022

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Mar 28 – While Twitter suspends Anonymous accounts, the group hacked VGTRK Russian Television and Radio. Apr 02 – Ukraine intelligence leaks names of 620 alleged Russian FSB agents.

DDOS

DDOS Hacking Mobile Internet

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

“The group also relies on valid accounts and leverage strong operational security, which combined, allows for long-term undiscovered persistence. The Volt Typhoon’s activities suggest that the group primarily aims to establish a foothold within networks to secure access to Operational Technology (OT) assets.

Energy and Utilities

Energy and Utilities VPN Manufacturing Firewall

Cybersecurity firm Dragos shared details about a failed extortion attempt it suffered

Security Affairs

MAY 10, 2023

“We investigated alerts in our corporate Security Information & Event Management (SIEM) and blocked the compromised account. “We are confident that our layered security controls prevented the threat actor from accomplishing what we believe to be their primary objective of launching ransomware.”

Cybersecurity

Cybersecurity Ransomware Accountability Hacking

Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198

Security Affairs

OCTOBER 31, 2023

The advisory published by the vendor states that the exploitation of the vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access.

Internet

Internet Internet Software Accountability

How did the Okta Support breach impact 1Password?

Security Affairs

OCTOBER 24, 2023

. “Based on the activity logs provided by Okta for their Support Portal, the HAR file had not been accessed by their support engineer until after the events of the incident. Security confirmed that the act of downloading the file would be captured in the activity logs by downloading the file from the support case.

Password Management

Password Management Engineering Authentication Data breaches

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Ransomware gangs target companies involved in time-sensitive financial events, FBI warns

Trending Sources

USENIX Security ’23 – ‘“It’s The Equivalent of Feeling Like You’re In Jail”: Lessons From Firsthand & Secondhand Accounts Of IoT-Enabled Intimate Partner Abuse’

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Nintendo admitted that hackers have breached 300,000 accounts

SJW Group Appoints James P. Lynch as Chief Accounting Officer, Andrew Walters as Chief Financial Officer; San Jose Water Appoints Peter Fletcher as Vice President – Information Security Officer

Nintendo confirms that hackers might have hijacked 160,000 user accounts

Hackers hijacked Coincheck ‘s domain registrar account and targeted some users

Critical Zoom Room bug allowed to gain access to Zoom Tenants

Okta customer support system breach impacted 134 customers

“Accountability framework” proposed to promote secure health care practices

Brokewell Android malware supports an extensive set of Device Takeover capabilities

City of Philadelphia suffers a data breach

Dunkin Donuts Forced to 'Fill Security Holes' in Data Breach Settlement

Sumo Logic discloses security breach and recommends customers rotate credentials

CPDP 2021 – Moderator: Eduard Fosch-Villaronga ‘Artountability: Accountability, Ai And Art’

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

“My Slice”, an Italian adaptive phishing campaign

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

Top 2023 Security Affairs cybersecurity stories

FBI and CISA warn of attacks by Rhysida ransomware gang

Cisco warns of active exploitation of IOS XE zero-day

Cactus ransomware gang claims the Schneider Electric hack

Okta reveals additional attackers’ activities in October 2023 Breach

Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Bank of America customer data compromised after a third-party services provider data breach

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

CPDP 2021 – Moderator: Eduard Fosch-Villaronga ‘Artountability: Accountability, AI, And Art’

Data Breach at Legal Service Provider May Have Compromised Health Info of 36,000 Patients in Pittsburgh

Wiregrass Electric Cooperative hit by a ransomware attack

See Tickets discloses data breach, customers’ credit card data exposed

CVE-2023-20198 zero-day widely exploited to install implants on Cisco IOS XE systems

A new SharkBot variant bypassed Google Play checks again

Security BSides Athens 2021 – Talk 8: Leonidas Tsaousis’ ‘Click Here For Free TV! Chaining Bugs To Takeover Wind Vision Account’

Vice Society gang is using a custom PowerShell tool for data exfiltration

Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflict

Fashion retailer Forever 21 data breach impacted +500,000 individuals

Mar 27 – Apr 02 Ukraine – Russia the silent cyber conflict

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Cybersecurity firm Dragos shared details about a failed extortion attempt it suffered

Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198

How did the Okta Support breach impact 1Password?

Stay Connected