Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. SecurityScorecard researchers discovered a botnet of over 130,000 devices that is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide.

Passwords

Krebs on Security

OCTOBER 30, 2024

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. Image: Tamer Tuncay, Shutterstock.com. Last month, Sens. Mark Warner (D-Va.)

Healthcare

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing

Krebs on Security

NOVEMBER 19, 2024

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. The Telegram account that abyss0 listed in their sales thread appears to have been suspended or deleted. This is a developing story.

Data breaches

Security Affairs

JULY 2, 2025

. “A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted.”

Accountability

Security Affairs

MAY 2, 2025

Microsoft announced that all new accounts will be “passwordless by default” to increase their level of security. Microsoft now makes all new accounts “passwordless by default,” enhancing protection against social engineering attacks, phishing, brute-force, and credential stuffing attacks.

Accountability

Malwarebytes

NOVEMBER 14, 2024

Employees of these companies were tricked into clicking malicious attachments and links and filling in their email account login information on fake sites. The entered information went straight to the phishers and allowed the criminals to monitor the emails of those employees.

Accountability

Krebs on Security

NOVEMBER 21, 2024

That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. Click to enlarge.

Identity Theft

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras , chief information security officer at Invicti.

Hacking

Schneier on Security

JUNE 25, 2025

a highly dramatic pelican or a Russian-accented walrus), yet they maintain engagement in technical and explanatory discussions. […] User frequently cross-validates information, particularly in research-heavy topics like emissions estimates, pricing comparisons, and political events. User’s account is 237 weeks old.

Architecture

Security Affairs

NOVEMBER 24, 2024

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools.

Cybercrime

Schneier on Security

FEBRUARY 13, 2025

Meanwhile, only partially redacted names of CIA employees were sent over an unclassified email account. Next, the Office of Personnel Management—which holds detailed personal data on millions of federal employees, including those with security clearances— was compromised. After that, Medicaid and Medicare records were compromised.

Government

Krebs on Security

JULY 24, 2025

KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. JUSTY JOHN DomainTools shows that some of the early domains registered to roomservice801@gmail.com in 2016 include other useful information.

Scams

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape.

Cybercrime

Krebs on Security

JANUARY 31, 2025

“Those payments would instead be redirected to a financial account the perpetrators controlled, resulting in significant losses to victims,” the DOJ wrote. “These tools were also used to acquire victim user credentials and utilize those credentials to further these fraudulent schemes.

Phishing

Malwarebytes

OCTOBER 15, 2024

Broadly, Malwarebytes found that: 74% of people “consider US election season a risky time for personal information.” Distrust in political ads is broad—62% said they “disagree” or “strongly disagree” that the information they receive in US election-related ads is trustworthy. The reasons could be obvious.

Scams

Schneier on Security

JULY 24, 2025

Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of. A 2017 write-up in The Atlantic found error rates exceeding 50% in some categories of personal information.

Architecture

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. The seller listed two databases for sale one containing 19,192,948 customer accounts and another including 5.11 ” “Thus, this information should be taken cautiously until confirmed.

Cyber Attacks

Security Affairs

NOVEMBER 4, 2024

for phishing scams that stole millions by hacking email accounts. A Nigerian national was sentenced to 26 years in prison in the US for stealing millions by compromising the email accounts of real estate businesses. for phishing scams that resulted in the compromise of millions of email accounts.

Scams

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. billion yen Typically, attackers hijack victim accounts, sell held stocks, and use the proceeds to buy assets like Chinese stocks, which remain in the account post-attack.

Financial Services

Krebs on Security

JULY 8, 2025

While not listed as critical, CVE-2025-49719 is a publicly disclosed information disclosure vulnerability, with all versions as far back as SQL Server 2016 receiving patches. “The potential exposure of sensitive information makes this a high-priority concern for organizations handling valuable or regulated data,” Walters said.

Authentication

Security Affairs

DECEMBER 8, 2024

The investigation aimed to determine the extent of the activity, and whether individual personal information, if any, may have been accessed or acquired by an unauthorized third party. As part of the investigation, we engaged leading third-party cybersecurity experts experienced in handling these types of incidents.

Data breaches

SecureWorld News

NOVEMBER 22, 2024

From the DOJ press release: "We allege that this group of cybercriminals perpetrated a sophisticated scheme to steal intellectual property and proprietary information worth tens of millions of dollars and steal personal information belonging to hundreds of thousands of individuals," said United States Attorney Martin Estrada. "As

Phishing

Malwarebytes

APRIL 22, 2025

Cybercriminals are abusing Googles infrastructure, creating emails that appear to come from Google in order to persuade people into handing over their Google account credentials. The difference is that anyone with a Google account can create a website on sites.google.com. Instead create an account on the service itself.

Risk

Malwarebytes

APRIL 1, 2025

This update must be completed by 2025-03-16 to avoid any potential penalties or disruptions to your account. Once logged in, follow the prompts to review and confirm your tax information. Perhaps they’ll sell the details on the dark web, or use them for themselves to get access to your Microsoft accounts.

Scams

Malwarebytes

JUNE 19, 2025

Take the 184 million logins for social media accounts we reported about recently. The likely source: information stealers , or infostealers for short. The likely source: information stealers , or infostealers for short. Enable two-factor authentication (2FA) for every account you can. Now try to imagine 16 billion!

Identity Theft

The Last Watchdog

NOVEMBER 12, 2024

But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option. Stuart McClure, CEO, Qwiet AI McClure The SEC’s goal appears to be to hold these companies accountable to investors for any successful cyberattacks and expose the company’s lack of preparation and prevention.

CISO

eSecurity Planet

NOVEMBER 6, 2024

In a stunning blow to the city’s cybersecurity defenses, Columbus, Ohio, recently became the target of a massive cyberattack that exposed over half a million residents’ sensitive information. This data reportedly includes everything from names and addresses to Social Security numbers and bank account details. With over 6.5

Ransomware

Security Affairs

JUNE 11, 2025

Between January and April 2025, INTERPOL led Operation Secure, a global effort that took down over 20,000 malicious IPs and domains linked to information-stealing malware. After the operation, the authorities alerted over 216,000 victims to help them quickly secure their accounts and prevent further unauthorized access.

Cybercrime

Malwarebytes

JUNE 18, 2025

Some use Artificial Intelligence (AI) to create deepfake videos aimed at gathering personal information, while others link to typosquatted domains that not just look the same but also have very similar domain names as the impersonated bank. Protect your social media accounts by using Malwarebytes Identity Theft Protection.

Banking

Krebs on Security

DECEMBER 4, 2024

government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. At several points throughout his career, Wazawaka claimed he made good money stealing accounts from drug dealers on darknet narcotics bazaars. An FBI wanted poster for Matveev.

Cybercrime

eSecurity Planet

JULY 14, 2025

According to TechRepublic, the FBI said these hackers have been “convincing help desk staff to bypass multi-factor authentication (MFA) protections by registering rogue MFA devices on compromised accounts.” She stressed that even if a breach didn’t directly impact you, your information could still be used in phishing scams or identity theft.

Insurance

Security Affairs

NOVEMBER 18, 2024

The cyber spies stole information belonging to targeted individuals that was subject to U.S. “T-Mobile is closely monitoring this industry-wide attack, and at this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts to customer information,” a company spokeswoman told WSJ. “We

Mobile

The Last Watchdog

DECEMBER 16, 2024

Gen AI threats and quantum computing exposures must be accounted for. Attacks targeting identities rose 71% last year, with valid accounts as the top entry point. Compromised LLM-based applications could expose large amounts of personal information, disrupt essential services, or lead to manipulations of decision-making processes.

Cyber threats

Krebs on Security

DECEMBER 10, 2024

” Elevation of privilege vulnerabilities accounted for 29% of the 1,009 security bugs Microsoft has patched so far in 2024, according to a year-end tally by Tenable ; nearly 40 percent of those bugs were weaknesses that could let attackers run malicious code on the vulnerable device. .

Authentication

Security Affairs

MARCH 24, 2025

The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. If users fall victim to this scam, immediately contact their financial institutions, secure their accounts, and change all passwords using a trusted device. ” reads the alert.

Malware

Krebs on Security

MARCH 14, 2025

Some of those lures worked, and allowed thieves to gain control over booking.com accounts. From there, they sent out phishing messages asking for financial information from people who’d just booked travel through the company’s app.

Phishing