Security Affairs

MAY 23, 2023

Google introduced Mobile VRP (vulnerability rewards program), a new bug bounty program for reporting vulnerabilities in its mobile applications. Google announced a new bug bounty program, named Mobile VRP (vulnerability rewards program), that covers its mobile applications.

Mobile 88

Mobile Hacking Accountability Cybersecurity 88

Security Affairs

APRIL 23, 2022

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. Telecom company T-Mobile on Friday revealed that LAPSUS$ extortion gang gained access to its networks. ” LAPSUS$ leader White/Lapsus Jobs looking up the Department of Defense in T-Mobile’s internal Atlas system.

Mobile 96

Mobile VPN Social Engineering Telecommunications 96

Security Affairs

AUGUST 18, 2021

T-Mobile has confirmed that hackers have stolen records belonging to 48.6 Recently T-Mobile has launched an investigation into a possible security breach after a threat actor started offering for sale 100 million T-Mobile customer records on the dark web. The post T-Mobile data breach has impacted 48.6

Data breaches 99

Data breaches Mobile Telecommunications Wireless 99

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile 90

Mobile Telecommunications Data breaches Identity Theft 90

Security Affairs

MARCH 5, 2020

New problems for the wireless carrier T-Mobile that disclosed a data breach that exposed some of the customers’ personal information. The wireless carrier T-Mobile was victims of a sophisticated cyber attack that targeted its email vendor. SecurityAffairs – hacking, T-mobile). ” continues the notice.

Mobile 127

Mobile Data breaches Telecommunications Wireless 127

Security Affairs

AUGUST 22, 2021

T-Mobile data breach could be worse than initially thought, an update to the investigation reveals that over 54 million individuals were impacted. T-Mobile data breach could be worse than initially thought, according to an update to the investigation over 54 million customers had their data compromised. ” reads the update.

Data breaches 113

Data breaches Mobile Accountability Phishing 113

Security Affairs

MAY 30, 2022

Experts warn of a new ongoing WhatsApp OTP scam that could allow attackers to hijack users’ accounts through phone calls. Recently CloudSEK founder Rahul Sasi warned of an ongoing WhatsApp OTP scam that could allow threat actors to hijack users’ accounts through phone calls. Follow me on Twitter: @securityaffairs and Facebook.

Scams 140

Scams Accountability Mobile Hacking 140

Security Affairs

FEBRUARY 9, 2023

Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware. The apps were designed to exfiltrate user and device information in a stealthy way, including system info, geolocation, user profile, social relationships, and call history.

Mobile 98

Mobile Malware Surveillance Spyware 98

Security Affairs

JULY 10, 2023

Resecurity identified the emergence of adversarial mobile Android-based Antidetect Tooling for Mobile OS-Based Fraud. Resecurity has identified the emergence of adversarial mobile Android-based tools (called “mobile anti-detects”), like Enclave and McFly, as a new frontier in fraud tradecraft evolution.

Mobile 59

Mobile Banking Firmware Software 59

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking 104

Banking Accountability Mobile Cryptocurrency 104

Security Affairs

NOVEMBER 22, 2019

Bad news for T-Mobile prepaid customer, the US-based telecom giant T-Mobile today disclosed a new data breach incident. The US branch of the telecommunications giant T -Mobile disclosed a security breach that according to the company impacted a small number of customers of its prepaid service. Pierluigi Paganini.

Wireless 97

Wireless Data breaches Mobile Telecommunications 97

Security Affairs

MAY 20, 2024

They manage and operate many internet-connected laundry machines and systems, offering services such as coin and card-operated laundry machines, mobile payment solutions, and maintenance support. Sherbrooke and Taranenko were also able to add several million dollars to their laundry account which can be managed through the CSC Go mobile app.

Mobile 122

Mobile Internet Internet Accountability 122

Security Affairs

DECEMBER 28, 2020

Threat intelligence analyst discovered a threat actor that is selling a database of the Italian mobile service provider Ho mobile. Ho mobile is an Italian mobile telephone service offered by Vodafone Enabler Italia, an Italian virtual mobile telephone operator. ” Bank Security told me.

Mobile 128

Mobile Banking Data breaches Phishing 128

Security Affairs

SEPTEMBER 15, 2021

Microsoft announced that users can access their consumer accounts without providing passwords and using more secure authentication methods. Microsoft says the feature will be rolled out over the coming weeks, it already provides passwordless methods to enterprise users since March 2021, and plans to roll out it for Azure AD accounts.

Authentication 95

Authentication Accountability Passwords Phishing 95

Security Affairs

JANUARY 22, 2023

Roaming Mantis threat actors were observed using a new variant of their mobile malware Wroba to hijack DNS settings of Wi-Fi routers. Researchers from Kaspersky observed Roaming Mantis threat actors using an updated variant of their mobile malware Wroba to compromise Wi-Fi routers and hijack DNS settings. Agent.eq (a.k.a

DNS 91

DNS Mobile Malware Hacking 91

Security Affairs

MARCH 29, 2024

The company was the victim of credential stuffing attacks against its website and mobile application on November 18-19 and November 25, 2023. The attackers detected suspicious login activity to certain Hot Topic Rewards accounts. Threat actors obtained valid account credentials obtained from an unknown third-party source.

Accountability 107

Accountability Mobile Passwords Authentication 107

Security Affairs

SEPTEMBER 24, 2022

The cyber department of Ukraine ‘s Security Service (SSU) dismantled a gang that stole accounts of about 30 million individuals. The cyber department of Ukraine ‘s Security Service (SSU) has taken down a group of hackers that is behind the theft of about 30 million individuals. ” concludes the SSU.

Accountability 84

Accountability Computers and Electronics Hacking Mobile 84

Security Affairs

JUNE 2, 2021

There was no need for a password or login credentials to access the information, and the data was not encrypted. The leak has since been secured. AMT Games is a mobile and browser game developer based in China. Feedback message data contained Account id, feedback rating given, and users’ email addresses. What’s Happening?

Data breaches 107

Data breaches Accountability Mobile Phishing 107

Security Affairs

MAY 1, 2023

The IT giant also announced it has banned 173k developer accounts and prevented over $2 billion in fraudulent and abusive transactions. ” The company explained that in 2022, the App Security Improvements program helped developers to address approximately 500K security weaknesses affecting approximately 300K apps.

Accountability 88

Accountability Education Media Hacking 88

Security Affairs

MARCH 3, 2021

A researcher received a $50,000 bug bounty by Microsoft for having reported a vulnerability that could’ve allowed to hijack any account. Microsoft has awarded the security researcher Laxman Muthiyah $50,000 for reporting a vulnerability that could have allowed anyone to hijack users’ accounts without consent.

Accountability 109

Accountability Passwords Encryption Mobile 109

Security Affairs

SEPTEMBER 6, 2021

Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian security researcher that goes online with the name of ValdikSS has found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores.

Mobile 108

Mobile Malware Firmware Manufacturing 108

Security Affairs

JUNE 24, 2022

. “In some cases, we believe the actors worked with the target’s ISP to disable the target’s mobile data connectivity. “We believe this is the reason why most of the applications masqueraded as mobile carrier applications. ” reads the report published by Google. Follow me on Twitter: @securityaffairs and Facebook.

Surveillance 110

Surveillance Mobile Spyware Telecommunications 110

Security Affairs

AUGUST 9, 2021

Experts spotted a new Android trojan, dubbed FlyTrap, that compromised Facebook accounts of over 10,000 users in at least 144 countries since March 2021. Zimperium’s zLabs researchers spotted a new Android trojan, dubbed FlyTrap , that already compromised Facebook accounts of over 10,000 users in at least 144 countries since March 2021.

Accountability 124

Accountability Social Engineering Media Malware 124

SC Magazine

APRIL 8, 2021

Reed of NowSecure, offers some insights on how continuous mobile app security can protect companies from similar vulnerabilities. Spurred on by a pandemic that forced workers home, we have grown increasingly reliant on a cadre of mobile applications proliferating at a head-spinning rate. But that has to change – and quickly.

Mobile 53

Mobile Digital transformation Media Risk 53

Security Affairs

APRIL 6, 2021

Security researcher implemented a service to verify if your mobile number is included in the recent Facebook data leak. Leaked data includes users’ phone numbers, Facebook IDs, full names, locations, birthdates, bios, and for some accounts the associated email addresses. ” Alosefer explained. ” added the expert.

Mobile 63

Mobile Data breaches Accountability Phishing 63

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams 244

Scams DDOS Cryptocurrency Accountability 244

Security Affairs

MAY 10, 2021

WhatsApp will not deactivate the accounts of users who don’t accept the new privacy policy update that requires sharing data with other companies owned by Facebook. WhatsApp on Friday announced that it will not deactivate accounts of users who don’t accept its new privacy policy that will be rolled out on May 15.

Accountability 91

Accountability Mobile Hacking Information Security 91

Security Boulevard

FEBRUARY 5, 2023

Three […] The post Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass appeared first on The Shared Security Show. The post Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass appeared first on Security Boulevard.

Password Management 98

Password Management Passwords Accountability Phishing 98

Security Affairs

JANUARY 8, 2020

A flaw in the popular TikTok app could allow attackers to hijack any user account just by knowing the mobile number of the victim. All free accounts are by default public, only subscribers could restrict the access to the accounts’ content. The app developed by the Chinese firm ByteDance has over 1.3 Pierluigi Paganini.

Accountability 65

Accountability Mobile Advertising Media 65

Security Affairs

MARCH 4, 2024

“Account information of some of our Card Members, including some of your account information, may have been involved. ” The security breach occurred at a service provider that lets customers book flights, hotels and other reservations using an online portal.

Data breaches 97

Data breaches Accountability Hacking Mobile 97

Security Boulevard

AUGUST 21, 2022

The post Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser appeared first on The Shared Security Show. The post Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser appeared first on Security Boulevard.

Authentication 98

Authentication Accountability Hacking Ransomware 98

Security Affairs

NOVEMBER 5, 2019

The #FifthOfNovember has arrived, the Italian branch of Anonymous and LulzSecITA hacked websites of professional orders, prefecture of Naples, and also the telephone operator Lyca Mobile. The popular group of Italian hacktivist s LulzSecITA also joined the protest and hacked the Italian site of the telephone company Lyca Mobile.

Mobile 62

Mobile Hacking Advertising Data breaches 62

Security Affairs

AUGUST 31, 2019

Hackers compromised the Twitter account of Jack Dorsey, CEO at Twitter, and published and retweeted offensive and racist messages. No one is secure online, news of the day is that hackers compromised the Twitter account of Jack Dorsey, CEO at Twitter and co-founder, and published and retweeted offensive and racist tweets.

Accountability 79

Accountability Hacking Mobile Advertising 79

Security Affairs

JULY 16, 2019

US telecommunications company Sprint revealed that hackers compromised an unknown number of customer accounts via the Samsung.com “add a line” website. “On June 22, Sprint was informed of unauthorized access to your Sprint account using your account credentials via the Samsung.com “add a line” website.”

Accountability 73

Accountability Identity Theft Telecommunications Data breaches 73

Security Affairs

FEBRUARY 23, 2024

The telecommunications provider pointed out that no financial information (credit or debit card numbers, banking details) has been compromised. The exposed information includes full name, date of birth, mobile number, email address, postal address and Tangerine account number. ”continues the statement.

Data breaches 92

Data breaches Telecommunications Banking Mobile 92

Security Affairs

SEPTEMBER 10, 2019

The Instagram account of Robert Downey Jr. has been hacked, he is the last celebrity in order of time that had the social media accounts compromised. Instagram account has been hacked, in this case the attacker did not publish offensive messages, but attempted to monetize their efforts by posting fake giveaways for Apple products.

Accountability 82

Accountability Hacking Advertising Scams 82

Security Affairs

JULY 15, 2019

Instagram has recently addressed a critical flaw that could have allowed hackers to take over any Instagram account without any user interaction. Instagram has recently addressed a critical vulnerability that could have allowed attackers to completely take over any account without user interaction. Pierluigi Paganini.

Accountability 79

Accountability Mobile Passwords Advertising 79