SecureWorld News

JANUARY 10, 2024

Securities and Exchange Commission's (SEC) account on X (formerly Twitter) was briefly compromised on Tuesday, January 9, sending shockwaves through the cryptocurrency market and raising serious questions about the agency's cybersecurity practices. Bud Broomhead, CEO of Viakoo, emphasized the broader lessons learned from the hack.

Accountability 84

Accountability Hacking Marketing Cryptocurrency 84

Malwarebytes

JANUARY 10, 2024

We have seen several high-profile accounts that were taken over on X (formerly Twitter) only to be used for cryptocurrency related promotional activities, like expressing the approval of exchange-traded funds (ETFs). The @SECGov X account was compromised, and an unauthorized post was posted. You’re all set.

Accountability 89

Accountability Scams Hacking Cryptocurrency 89

Security Boulevard

MARCH 10, 2024

In episode 320, Tom and Scott discuss the contentious issue of who is accountable when Facebook or Instagram accounts are hacked, discussing potential failings on both the user’s and Meta’s part.

Media 73

Media Accountability Hacking Malware 73

Schneier on Security

JUNE 28, 2023

The stalkerware company LetMeSpy has been hacked : TechCrunch reviewed the leaked data, which included years of victims’ call logs and text messages dating back to 2013. The leaked data contains no identifying information, which means people whose data was leaked can’t be notified.

Hacking 189

Hacking Spyware Accountability Data breaches 189

Security Boulevard

JANUARY 21, 2024

Then they switch to the best practices to prevent social media account takeovers, highlighting […] The post The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked appeared first on Shared Security Podcast.

Media 76

Media Accountability Hacking Scams 76

Schneier on Security

JULY 2, 2021

The first is from Microsoft, which wrote : As part of our investigation into this ongoing activity, we also detected information-stealing malware on a machine belonging to one of our customer support agents with access to basic account information for a small number of our customers. News article.

Hacking 360

Hacking Passwords Malware Accountability 360

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Account balances. Client legal information.

Accountability 121

Accountability Ransomware Data breaches Hacking 121

Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims. .”

Hacking 244

Hacking Government Media Accountability 244

Security Affairs

JANUARY 2, 2022

The Twitter account of NASA Director Parimal Kopardekar (@nasapk) was hacked by the Powerful Greek Army group. The Twitter account of the NASA Director and Sr Technologist for Air Transporation Sytem Mr. Parimal Kopardekar ( @nasapk ) was hacked by the Powerful Greek Army group. NASA Director account hacked by PGA!

Accountability 137

Accountability Hacking Banking Government 137

Heimadal Security

JUNE 14, 2021

Intuit has informed TurboTax clients that some of their private and financial information was accessed by threat actors following what seems to be a sequence of account takeover attacks. The post Intuit Clients Warned of Hacked TurboTax Accounts appeared first on Heimdal Security Blog. Intuit Inc. Intuit Inc.

Accountability 102

Accountability Hacking Small Business Software 102

Security Affairs

JANUARY 10, 2024

Threat actors hacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish the fake news on the Bitcoin ETF approval. Hackers hijacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish fake news on the Bitcoin ETF approval. ” Gensler wrote.

Accountability 104

Accountability Hacking Cryptocurrency Surveillance 104

Krebs on Security

MARCH 4, 2021

Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. A note posted by a Verified forum administrator concerning the hack of its registrar in January. Everyone’s account passwords were forcibly reset.

Cybercrime 363

Cybercrime Hacking Passwords Accountability 363

Security Affairs

FEBRUARY 29, 2024

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. Use this code to log in/reset the FB account password for the user account.”

Accountability 145

Accountability Passwords Hacking Information Security 145

Security Affairs

MARCH 18, 2024

Threat actors compromised at least 11 International Monetary Fund (IMF) email accounts earlier this year, the organization revealed. The International Monetary Fund (IMF) disclosed a security breach, threat actors compromsed 11 email accounts earlier this year. The impacted email accounts were re-secured.

Accountability 116

Accountability Hacking Cybersecurity Data breaches 116

Security Affairs

MARCH 2, 2023

The popular data breach notification service HaveIBeenPwned reported that the hack took place in December and impacted 565k user accounts, it also added that 83% of the records were already in HIBP database. The breach likely exposed personal customer information like names, addresses, and email addresses.

Accountability 82

Accountability Hacking Data breaches Passwords 82

Bleeping Computer

JUNE 12, 2021

Financial software company Intuit has notified TurboTax customers that some of their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks. [.].

Accountability 145

Accountability Hacking Software 145

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Department of Defense. USDoD’s InfraGard sales thread on Breached.

Hacking 361

Hacking Energy and Utilities Cybercrime Accountability 361

Bleeping Computer

JANUARY 6, 2023

Air France and KLM have informed Flying Blue customers that some of their personal information was exposed after their accounts were breached. [.].

Accountability 107

Accountability Hacking 107

Security Affairs

AUGUST 17, 2020

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked.

Government 130

Government Accountability Hacking Advertising 130

Schneier on Security

AUGUST 31, 2022

This is a fun story, detailing the hack a group of high school students perpetrated against an Illinois school district, hacking 500 screens across a bunch of schools. Eventually, he decided to use his real name, while other members created anonymous accounts. It has a happy ending: no one was prosecuted.

Hacking 202

Hacking Penetration Testing Accountability Software 202

Krebs on Security

JULY 13, 2020

Data Viper , a security startup that provides access to some 15 billion usernames, passwords and other information exposed in more than 8,000 website breaches, has itself been hacked and its user database posted online. The apparent breach at St. An online post by the attackers who broke into Data Viper. But on Aug.

Hacking 344

Hacking Marketing Cybercrime Accountability 344

Schneier on Security

APRIL 26, 2021

Hacking is as old as humanity. To date, hacking has exclusively been a human activity. After hacking humanity, AI systems will then hack other AI systems, and humans will be little more than collateral damage. Most of these hacks don’t even require major research breakthroughs in AI. Not for long.

Hacking 357

Hacking Artificial Intelligence Government Engineering 357

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures.

Accountability 81

Accountability Hacking Financial Services Cybersecurity 81

Schneier on Security

FEBRUARY 10, 2023

It’s a series of algorithms that takes an input—financial information for the year—and produces an output: the amount of tax owed. And there are thousands of black-hat researchers who examine every line of the tax code looking for exploitable vulnerabilities—tax attorneys and tax accountants. But it’s still code.

Hacking 220

Hacking Artificial Intelligence Government Software 220

Bleeping Computer

JANUARY 19, 2023

T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming Interfaces (APIs). [.]

Data breaches 142

Data breaches Mobile Accountability Hacking 142

Hacker Combat

SEPTEMBER 6, 2021

Hackers took advantage of the mishap to gain unauthorized access to email accounts and lots of customer’s data was exposed. During that timeframe, unapproved third parties gained unauthorized access into over 60 email accounts hosted in the cloud belonging to Cetera Employees. Often, hackers use phishing emails to target employees.

Accountability 100

Accountability Hacking Financial Services Data breaches 100

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. sensitive information and critical infrastructure. Our National Security Cyber Section remains focused on disputing these cross-border hacking schemes and holding those responsible to account.”

Hacking 99

Hacking Identity Theft Social Engineering Accountability 99

Security Affairs

FEBRUARY 26, 2024

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. Recently someone has leaked on GitHub [ 1 , 2 ] a collection of files apparently stolen from the Chinese hacking firm, I-Soon.

Hacking 105

Hacking Government Spyware Marketing 105

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. Abusewith[.]us A copy of pictrace[.]com

Hacking 187

Hacking Accountability Data breaches Marketing 187

Krebs on Security

JANUARY 21, 2022

Criminals ripping off other crooks is a constant theme in the cybercrime underworld; Accountz Club’s slogan — “the best autoshop for your favorite shops’ accounts” — just normalizes this activity by making logins stolen from users of various cybercrime shops for sale at a fraction of their account balances.

Hacking 284

Hacking Cybercrime Authentication Passwords 284

Security Affairs

MAY 6, 2020

Hackers have breached the online learning platform Unacademy and are selling the account information for close to 22 million users. Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users.

Accountability 103

Accountability Hacking Data breaches Advertising 103

Security Affairs

APRIL 24, 2024

The four Iranian nationals are Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani, and Alireza Shafie Nasab — are accused of participating in a malware operation using spear-phishing and other hacking techniques to harvest hundreds of thousands of corporate employee accounts. entities while employed by MASN.

Government 88

Government Phishing Social Engineering Hacking 88

Identity IQ

JUNE 15, 2021

The automaker said an unauthorized third party obtained personal information about customers and interested buyers from a vendor used for digital sales and marketing by its Audi Volkswagen brands and some U.S. A small number of records included additional data like dates of birth, Social Security numbers and account numbers.

Cybercrime 119

Cybercrime Identity Theft Data breaches Hacking 119

Security Affairs

JANUARY 24, 2024

Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. The most critical vulnerability, tracked as CVE-2023-7028 (CVSS score 10), is an account takeover via Password Reset. The flaw can be exploited to hijack an account without any interaction. prior to 16.1.6,

Accountability 127

Accountability Passwords Internet Internet 127

Security Affairs

MARCH 28, 2022

While Twitter suspends some Anonymous accounts, the collective hacked All-Russia State Television and Radio Broadcasting Company (VGTRK). It seems that the platform also blocked other accounts, but at the time of this writing, there is no official announcement from Twitter. SecurityAffairs – hacking, Ukraine).

Accountability 97

Accountability Hacking Banking Government 97

CyberSecurity Insiders

DECEMBER 1, 2022

LastPass, a password management service offering company, has disclosed that it has suffered a data breach in an attack that might be linked to the August data leak where hackers stole vital information from the servers of the said company.

Data breaches 132

Data breaches Password Management Passwords Encryption 132

Bleeping Computer

MARCH 2, 2023

American fast food chain Chick-fil-A has confirmed that customers' accounts were breached in a months-long credential stuffing attack, allowing threat actors to use stored rewards balances and access personal information. [.]

Accountability 95

Accountability Hacking 95