Krebs on Security

OCTOBER 28, 2020

-based cyber intelligence firm Hold Security , KrebsOnSecurity in March told Gunnebo about a financial transaction between a malicious hacker and a cybercriminal group which specializes in deploying ransomware. “The harsh and unfortunate reality is the security of a number of security companies is s**t,” Arena said.

Hacking 358

Hacking Ransomware Banking Accountability 358

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors. The Daily Monitor newspaper reported that the attackers stole 47.8

Banking 142

Banking Government Accountability Hacking 142

Security Affairs

MAY 2, 2025

Microsoft announced that all new accounts will be “passwordless by default” to increase their level of security. Microsoft now makes all new accounts “passwordless by default,” enhancing protection against social engineering attacks, phishing, brute-force, and credential stuffing attacks.

Accountability 67

Accountability Passwords Social Engineering Authentication 67

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. Abusewith[.]us

Hacking 242

Hacking Accountability Data breaches Marketing 242

Security Affairs

NOVEMBER 4, 2024

for phishing scams that stole millions by hacking email accounts. A Nigerian national was sentenced to 26 years in prison in the US for stealing millions by compromising the email accounts of real estate businesses. for phishing scams that resulted in the compromise of millions of email accounts. million in restitution.

Scams 126

Scams Phishing Identity Theft Accountability 126

Security Affairs

JUNE 9, 2025

OpenAI banned ChatGPT accounts tied to Russian and Chinese hackers using the tool for malware, social media abuse, and U.S. OpenAI banned ChatGPT accounts that were used by Russian-speaking threat actors and two Chinese nation-state actors. We banned the OpenAI accounts used by this adversary.” satellite tech research.

Accountability 74

Accountability Social Engineering Media Penetration Testing 74

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. from fake websites (phishing sites) disguised as websites of real securities companies.” Avoid password reuse, choose complex passwords, and check account activity often.

Financial Services 121

Financial Services Passwords Accountability Antivirus 121

Security Affairs

APRIL 9, 2025

The US Office of the Comptroller of the Currency (OCC) disclosed a major email breach compromising 100 accounts, undetected for over a year. The cybersecurity incident involved unauthorized access to emails via a compromised admin account. Affected accounts were disabled. The breach was confirmed on Feb. OCC on Feb.

Accountability 125

Accountability Banking Information Security Hacking 125

Security Affairs

OCTOBER 14, 2024

“Between August 17 and August 19, a third party accessed and obtained certain information without authorization using two customer accounts that they had recently established. An investigation was promptly launched with assistance from external security experts.”

Data breaches 135

Data breaches Financial Services Accountability Hacking 135

Krebs on Security

OCTOBER 20, 2023

BeyondTrust’s security team detected that someone was trying to use an Okta account assigned to one of their engineers to create an all-powerful administrator account within their Okta environment. The disclosure from Okta comes just weeks after casino giants Caesar’s Entertainment and MGM Resorts were hacked.

Social Engineering 362

Social Engineering Engineering Accountability Hacking 362

Security Affairs

NOVEMBER 24, 2024

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools.

Cybercrime 132

Cybercrime Cryptocurrency Banking Accountability 132

Security Affairs

JUNE 19, 2025

With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. While many records overlap, the true number of exposed accounts is still unclear. The leaked datasets range from 16 million to 3.5

Data breaches 110

Data breaches Identity Theft Passwords Malware 110

Security Affairs

JUNE 12, 2025

Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and security risks. Bitsight warns that over 40,000 security cameras worldwide are exposed to remote hacking due to unsecured HTTP or RTSP (Real-Time Streaming Protocol) access.

Hacking 67

Hacking Telecommunications Internet Internet 67

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Use a password manager : Simplifies managing strong, unique passwords across accounts. payment info) may have been compromised.

Identity Theft 127

Identity Theft Passwords Malware Banking 127

Security Affairs

FEBRUARY 17, 2025

Researchers warn that the whoAMI attack lets attackers publish an AMI with a specific name to execute code in an AWS account. The researchers warn that, at scale, this attack could impact thousands of AWS accounts, with around 1% of organizations estimated to be vulnerable. ” reads the advisory published by the company.

Accountability 63

Accountability Hacking Cybersecurity Information Security 63

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape.

Cybercrime 140

Cybercrime Social Engineering Accountability Government 140

Security Affairs

OCTOBER 28, 2024

. “Free was “the victim of a cyberattack targeting a management tool” leading to “unauthorized access to some of the personal data associated with the accounts of certain subscribers ,” the second largest telephone operator in France confirmed to Agence France-Presse (AFP) on Saturday, October 26.

Cyber Attacks 127

Cyber Attacks Telecommunications Data breaches Banking 127

Security Affairs

JUNE 11, 2025

After the operation, the authorities alerted over 216,000 victims to help them quickly secure their accounts and prevent further unauthorized access. “More than 20,000 malicious IP addresses or domains linked to information stealers have been taken down in an INTERPOL-coordinated operation against cybercriminal infrastructure.”

Cybercrime 112

Cybercrime Data collection Scams Cyber threats 112

Security Affairs

NOVEMBER 15, 2024

“Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency 107

Cryptocurrency Hacking Government Accountability 107

Security Affairs

JANUARY 2, 2025

The “DoubleClickjacking” exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. Attackers can exploit the technique to facilitate clickjacking attacks and account takeovers on almost all major websites. ” Paulos Yibelo wrote.

Accountability 120

Accountability Authentication Hacking Information Security 120

Security Affairs

JUNE 11, 2025

A vulnerability could allow recovery of the phone number associated with a Google account by carrying out a brute force attack. This flaw allowed potential abuse of the form to reveal recovery details linked to a Google account display name like “John Smith.” ” reads the report published by the researcher.

Accountability 74

Accountability Passwords Hacking Information Security 74

Security Affairs

NOVEMBER 3, 2024

The operators maintain the botnet to launch distributed brute-force attacks on VPNs, Telnet, SSH, and Microsoft 365 accounts. These routers are used to relay brute-force attacks on Microsoft 365 accounts. In the majority of the campaigns, about 80 percent, CovertNetwork-1658 makes only one sign-in attempt per account per day.

Passwords 135

Passwords Wireless VPN Accountability 135

Security Affairs

NOVEMBER 21, 2024

The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 111

Cybercrime Identity Theft Cryptocurrency Phishing 111

Security Affairs

OCTOBER 17, 2024

The fixed version sets a randomly-generated password for the duration of the image build and it disables the builder account at the conclusion of the image build. Alternatively, disable the ‘builder’ account with usermod -L builder on affected VMs.” ” Kubernetes Image Builder v0.1.38

Accountability 135

Accountability Passwords Hacking Cybersecurity 135

Security Affairs

APRIL 19, 2025

Threat actors were spotted exploiting the default super admin account (admin@LocalDomain), which often still uses the weak default password password. Arctic Wolf is monitoring the situation and urges organizations to secure all local accounts. Even fully patched devices can be compromised if password hygiene is poor.

Passwords 108

Passwords Firewall VPN Accountability 108

Security Affairs

FEBRUARY 4, 2025

The investigation revealed that attackers had compromised an account associated with a third-party provider of support services. Then GrubHub locked out the attackers and removed the hacked account. Upon discovery, we promptly launched an investigation, identifying unauthorized access to an account associated with this provider.”

Data breaches 116

Data breaches Passwords Accountability Hacking 116

Security Affairs

DECEMBER 21, 2024

” Recently, The Federal Office for Information Security (BSI) announced it had blocked communication between the 30,000 devices infected with the BadBox malware and the C2. The BadBox malware, pre-installed on devices, creates email and messaging accounts for spreading disinformation.

Firmware 143

Firmware Malware Internet Internet 143

Security Affairs

NOVEMBER 29, 2024

Rockstar 2FA targets Microsoft 365 accounts and bypasses multi-factor authentication with adversary-in-the-middle (AitM) attacks. The Rockstar admin panel is user-friendly, it allows customers to track phishing activity, including visit stats and account validity, and offers tools like URL generators and customizable email themes.

Phishing 114

Phishing Accountability Authentication Advertising 114

Security Affairs

MARCH 27, 2025

Arkana Security, a new ransomware group, claims to have breached the telecommunications provider WideOpenWest (WOW!). The new ransomware group Arkana Security claims to have hacked US telecom provider WOW!, million accounts. stealing customer data. WideOpenWest (WOW!) “We have fully compromised Wide Open West (WOW!),

Hacking 79

Hacking Telecommunications Data breaches Internet 79

Security Affairs

OCTOBER 19, 2024

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA)

Backups 132

Backups Ransomware VPN Authentication 132

Security Affairs

OCTOBER 15, 2024

In October 2018, the US-CERT released a joint technical alert from the DHS, the FBI, and the Treasury warning about the ATM cash-out scheme, dubbed “FASTCash,” being used by the prolific North Korean APT hacking group known as Hidden Cobra (aka Lazarus Group and Guardians of Peace). post-April 2022. post-April 2022.

Malware 134

Malware Banking Hacking Accountability 134

Security Affairs

MAY 17, 2025

officials to build trust and access personal accounts. Threat actors send malicious links posing as messaging platform invites to access officials’ accounts, then exploit contacts to impersonate and extract data or funds. Use a secret word with family to confirm identities and stay secure.

Government 124

Government Social Engineering Authentication Accountability 124

Security Affairs

JUNE 20, 2024

A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate email accounts. Then Kokorin disclosed the flaw on X.

Accountability 145

Accountability Phishing Hacking Information Security 145

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile 114

Mobile Telecommunications Data breaches Hacking 114

Security Affairs

FEBRUARY 16, 2025

The attackers employ a phishing technique called device code phishing, which tricks users into logging into productivity apps while capturing login tokens that can be used to take over compromised accounts. ” Device code phishing attacks exploit authentication flows to steal tokens, granting attackers access to accounts and data.

Phishing 116

Phishing Authentication Telecommunications Accountability 116

Security Affairs

DECEMBER 4, 2024

that could be exploited to leak an NTLM hash of the VSPC server service account and delete files on the VSPC server machine. In mid-October, Sophos researchers warned that ransomware operators are exploiting the vulnerability CVE-2024-40711 to create rogue accounts and deploy malware. ” reads the advisory.

Backups 114

Backups Ransomware Accountability Hacking 114

Security Affairs

NOVEMBER 9, 2024

In mid-October, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Akira was first seen in 2023 and appears to be inactive since mid-October with its information leak site now offline.”

Backups 134

Backups Ransomware VPN Accountability 134