Security Affairs

MARCH 18, 2024

Threat actors compromised at least 11 International Monetary Fund (IMF) email accounts earlier this year, the organization revealed. The International Monetary Fund (IMF) disclosed a security breach, threat actors compromsed 11 email accounts earlier this year. The impacted email accounts were re-secured.

Accountability 124

Accountability Hacking Cybersecurity Data breaches 124

Security Affairs

FEBRUARY 29, 2024

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. Use this code to log in/reset the FB account password for the user account.”

Accountability 145

Accountability Passwords Hacking Information Security 145

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Account balances. Client legal information.

Accountability 129

Accountability Ransomware Data breaches Hacking 129

Security Affairs

MARCH 2, 2023

The popular data breach notification service HaveIBeenPwned reported that the hack took place in December and impacted 565k user accounts, it also added that 83% of the records were already in HIBP database. New breach: GunAuction[.]com 83% were already in @haveibeenpwned.

Accountability 92

Accountability Hacking Data breaches Passwords 92

CyberSecurity Insiders

MAY 4, 2023

According to sources, a hack has exposed data of over 780,000 children who were patients of Brightline. Primary analysis made by the technology giant stated that the malware was being distributed via browser extensions and fake ads running on compromised business accounts.

Information Security 99

Information Security Healthcare Social Engineering Ransomware 99

Security Affairs

JANUARY 24, 2024

Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. The flaw can be exploited to hijack an account without any interaction.

Accountability 133

Accountability Passwords Internet Internet 133

Security Affairs

FEBRUARY 26, 2024

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. Recently someone has leaked on GitHub [ 1 , 2 ] a collection of files apparently stolen from the Chinese hacking firm, I-Soon.

Hacking 116

Hacking Government Spyware Marketing 116

Security Affairs

FEBRUARY 8, 2020

The social network giant Facebook is still the target of hackers, its Facebook and Instagram accounts have been hijacked by the popular hacking group Our M ine. Yesterdat the popular hacking group OurMine hacked the Twitter and Instagram accounts for Facebook and Messenger.

Accountability 122

Accountability Hacking Media Advertising 122

Security Affairs

AUGUST 17, 2020

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked.

Government 136

Government Accountability Hacking Advertising 136

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. Abusewith[.]us

Hacking 185

Hacking Accountability Data breaches Marketing 185

Security Affairs

APRIL 14, 2020

The details of around four million users are now being shared for free on underground hacking forums, according to ZDNet that has obtained samples from different sources, exposed records include usernames, email addresses, and hashed account passwords (bcrypt hashing algorithm). ” reads the post published Risk Based Security.

Accountability 139

Accountability Hacking Data breaches Passwords 139

Security Affairs

JANUARY 13, 2024

GitLab addressed two critical flaws impacting both the Community and Enterprise Edition, including a critical zero-click account hijacking vulnerability GitLab has released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. prior to 16.1.6, prior to 16.2.9, prior to 16.3.7,

Accountability 122

Accountability Passwords Hacking Information Security 122

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability 92

Accountability Hacking Financial Services Cybersecurity 92

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. Our National Security Cyber Section remains focused on disputing these cross-border hacking schemes and holding those responsible to account.” government and defense entities.

Hacking 111

Hacking Identity Theft Social Engineering Accountability 111

Security Affairs

DECEMBER 1, 2019

The official Twitter account of Huawei Mobile Brazil has been hacked and attackers have sent offensive messages to the rival Apple. The official Twitter account of Huawei Mobile Brazil has been hacked, attackers have sent offensive messages to provoke the rival Apple. SecurityAffairs – hacking, Twitter account).

Mobile 106

Mobile Accountability Hacking Wireless 106

Security Affairs

NOVEMBER 15, 2020

million Pluto TV user accounts on a hacking forum for free, he claims they were stolen by ShinyHunters threat actor. million Pluto TV user records, he also added that the service was hacked by ShinyHunters. SecurityAffairs – hacking, ShinyHunters). The post ShinyHunters hacked Pluto TV service, 3.2M

Accountability 107

Accountability Hacking Data breaches Passwords 107

Security Affairs

MAY 6, 2020

Hackers have breached the online learning platform Unacademy and are selling the account information for close to 22 million users. Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users.

Accountability 106

Accountability Hacking Data breaches Advertising 106

Security Boulevard

AUGUST 21, 2022

The post Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser appeared first on The Shared Security Show. The post Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser appeared first on Security Boulevard.

Authentication 98

Authentication Accountability Hacking Ransomware 98

Security Affairs

FEBRUARY 3, 2024

A vulnerability impacting the decentralized social network Mastodon can be exploited by threat actors to impersonate and take over any account. A security flaw, tracked as CVE-2024-23832 (CVSS score 9.4), in the decentralized social network Mastodon can be exploited to impersonate and take over any account.

Accountability 114

Accountability Media Hacking Information Security 114

Security Affairs

MARCH 28, 2022

While Twitter suspends some Anonymous accounts, the collective hacked All-Russia State Television and Radio Broadcasting Company (VGTRK). It seems that the platform also blocked other accounts, but at the time of this writing, there is no official announcement from Twitter. SecurityAffairs – hacking, Ukraine).

Accountability 98

Accountability Hacking Banking Government 98

Security Affairs

OCTOBER 18, 2023

. “Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin password, and remotely take over the admin account.” Then they used the password to login to the admin account (after enabling it). 64561 or above.”

Accountability 121

Accountability Passwords Hacking Internet 121

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.

Internet 116

Internet Internet Accountability Passwords 116

Security Affairs

JANUARY 20, 2022

Crypto.com confirmed that a cyber attack compromised around 400 of its customer accounts leading in the theft of $33 million. Recently, several Crypto.com users reported suspicious transactions that stole thousands of dollars in Ethereum (ETH) despite their accounts being protected with 2FA. ETH from yesterday's @cryptocom hack.

Accountability 96

Accountability Hacking Cryptocurrency Cyber Attacks 96

Security Affairs

FEBRUARY 17, 2020

The popular hacker group OurMine has hacked the official Twitter account of the FC Barcelona, along with the accounts of Olympics and the International Olympic Committee (IOC). The hackers hijacked the official Barcelona and Olympic Twitter accounts and posted some tweets to claim responsibility for the hack.

Accountability 93

Accountability Hacking Advertising Media 93

Security Affairs

JANUARY 30, 2024

The ransomware identifies user accounts by viewing successful logins in Windows Event Viewer, it also uses a modified variant of the open-source PSnmap Tool. In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden.

Ransomware 129

Ransomware Hacking Data breaches Digital transformation 129

Security Affairs

APRIL 9, 2024

“An error in the account handler lets an attacker skip the PIN verification entirely and create a privileged user profile.” . “WebOS runs a service on ports 3000/3001 (HTTP/HTTPS/WSS) which is used by the LG ThinkQ smartphone app to control the TV. ” reads the advisory.

Hacking 128

Hacking Internet Internet Authentication 128

Security Affairs

NOVEMBER 23, 2023

AutoZone disclosed a data breach resulting from the hack of their MOVEit Transfer installation. The car parts giant is notifying 184,995 individuals that the massive MOVEit hacking campaign compromised their personal information. based organizations account for 83.9 million Genworth 2.5 million PH Tech 1.7 million “U.S.-based

Data breaches 117

Data breaches Hacking Retail Identity Theft 117

Security Affairs

JUNE 4, 2022

GitLab addresses a critical security vulnerability, tracked as CVE-2022-1680, that could be exploited by an attacker to take over users’ accounts. GitLab has fixed a critical security flaw in its GitLab Enterprise Edition (EE), tracked as CVE-2022-1680 (CVSS score 9.9), that could be exploited to take over an account.

Accountability 141

Accountability Hacking Cybersecurity Information Security 141

Security Affairs

JANUARY 7, 2022

million accounts. Threat actors compromised the FlexBooker accounts of more than 3.7 FlexBooker recommends users stay vigilant and review account statements and credit reports for suspicious transactions. The data breach notification service Have I Been Pwned reports that 3,756,794 accounts were compromised in the attack.

Data breaches 143

Data breaches Accountability Passwords Cybercrime 143

Security Affairs

SEPTEMBER 10, 2019

The Instagram account of Robert Downey Jr. has been hacked, he is the last celebrity in order of time that had the social media accounts compromised. Robert Downey Jr’s Instagram account has 43.2 million, hacking it is possible to target millions of unaware fans. SecurityAffairs – Robert Downey Jr, hacking).

Accountability 87

Accountability Hacking Advertising Scams 87

Security Affairs

SEPTEMBER 16, 2022

According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I SecurityAffairs – hacking, Uber). states the message.

Hacking 136

Hacking Data breaches Engineering Information Security 136

Security Affairs

JULY 5, 2022

Threat actors compromised the Twitter and YouTube accounts of the British Army to promote online crypto scams. The Twitter and YouTube accounts of the British Army were used to promote NFT and other crypto scams. We are aware of a breach of the Army’s Twitter and YouTube accounts and an investigation is underway.

Scams 93

Scams Accountability Authentication Cryptocurrency 93

SecureList

AUGUST 14, 2023

Another tactic, popular with scammers big and small, phishers included, is hacking websites and placing malicious content on those, rather than registering new domains. Besides tucking a phishing page inside the website they hack, scammers can steal all of the data on the server and completely disrupt the site’s operation.

Phishing 74

Phishing Hacking Banking Scams 74

Security Affairs

JULY 3, 2023

Microsoft denied the data breach after the collective of hacktivists known as Anonymous Sudan claimed to have hacked the company. However, Anonymous Sudan has announced to have stolen credentials for 30 million customer accounts. BleepingComputer requested a comment from the company that denied any data breach claims.

Accountability 95

Accountability DDOS Data breaches Hacking 95

Security Affairs

JANUARY 13, 2023

Gen Digital, formerly Symantec Corporation and NortonLifeLock, warns that hackers breached Norton Password Manager accounts. Gen Digital, formerly Symantec Corporation and NortonLifeLock, informed its customers that threat actors have breached Norton Password Manager accounts in credential-stuffing attacks. Pierluigi Paganini.

Password Management 96

Password Management Passwords Accountability Data breaches 96

Security Affairs

AUGUST 9, 2023

Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations EvilProxy was observed sending 120,000 phishing emails to over a hundred organizations to steal Microsoft 365 accounts. Proofpoint noticed a worrisome surge of successful cloud account compromises in the past five months.

Accountability 96

Accountability Phishing Authentication Architecture 96

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, APT28) ” reads trhe announcement published by DKWOC.

Accountability 112

Accountability Government Phishing Authentication 112