Security Boulevard

MARCH 10, 2024

In episode 320, Tom and Scott discuss the contentious issue of who is accountable when Facebook or Instagram accounts are hacked, discussing potential failings on both the user’s and Meta’s part.

Media 75

Media Accountability Hacking Malware 75

Bleeping Computer

MARCH 29, 2024

An infostealer malware campaign has reportedly collected millions of logins from users of various gaming websites, including players that use cheats, pay-to-cheat services. [.]

Malware 123

Malware Accountability Cryptocurrency 123

Tech Republic Security

JANUARY 11, 2022

Google took over the top spot for malicious downloads from Microsoft OneDrive as attackers created free accounts, uploaded malware and shared documents with unsuspecting users, says Netskope.

Accountability 218

Accountability Malware 218

Bleeping Computer

APRIL 27, 2023

Google says it banned 173,000 developer accounts in 2022 to block malware operations and fraud rings from infecting Android users' devices with malicious apps. [.]

Accountability 124

Accountability Malware 124

CyberSecurity Insiders

DECEMBER 2, 2022

New malware is on the prowl and is seen spreading malicious software in disguise of applications meant for teaching, reading, and other education-related activities. Surprisingly and as expected, the malware is circulating on Android devices and spreading through 3rd party app stores available on the web.

Accountability 115

Accountability Malware Education Software 115

Schneier on Security

JANUARY 24, 2022

Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021: Malware targeting Linux systems increased by 35% in 2021 compared to 2020. XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021.

Malware 301

Malware Accountability 301

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Accountability 126

Accountability Malware Phishing Social Engineering 126

Bleeping Computer

FEBRUARY 22, 2023

An ongoing malware campaign targets YouTube and Facebook users, infecting their computers with a new information stealer that will hijack their social media accounts and use their devices to mine for cryptocurrency. [.]

Accountability 95

Accountability Malware Cryptocurrency Media 95

CSO Magazine

NOVEMBER 24, 2022

A group of attackers, likely based in Vietnam, that specializes in targeting employees with potential access to Facebook business and ads management accounts, has re-emerged with changes to its infrastructure, malware, and modus operandi after being initially outed a few months ago. To read this article in full, please click here

Accountability 125

Accountability Malware Phishing 125

Bleeping Computer

JULY 23, 2021

Security researchers have published details about the method used by a strain of macOS malware to steal login information from multiple apps, enabling its operators to steal accounts. [.].

Accountability 140

Accountability Malware 140

Penetration Testing

NOVEMBER 10, 2023

Ducktail is a malware family that has been active since the second half of 2021 and aims to steal Facebook business accounts.

Accountability 84

Accountability Penetration Testing Malware 84

Heimadal Security

FEBRUARY 23, 2023

A new S1deload Stealer malware campaign infects YouTube and Facebook users as hackers try to use their devices for cryptocurrency mining. The Malware Attack Explained Threat actors use social engineering […] The post Warning! The Malware Attack Explained Threat actors use social engineering […] The post Warning!

Accountability 89

Accountability Malware Social Engineering Cryptocurrency 89

Bleeping Computer

JUNE 22, 2023

Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources. [.]

Malware 145

Malware Accountability 145

Schneier on Security

MAY 26, 2022

Brian Krebs has an interesting story of a smart ID card reader with a malware-infested Windows driver, and US government employees who inadvertently buy and use them.

Malware 279

Malware Government Accountability 279

Bleeping Computer

NOVEMBER 9, 2022

A new information-stealing malware named 'StrelaStealer' is actively stealing email account credentials from Outlook and Thunderbird, two widely used email clients. [.].

Accountability 99

Accountability Malware 99

Bleeping Computer

MARCH 18, 2021

Previously undocumented account-stealing malware distributed via fake software crack sites targets the users of major service providers, including Google, Facebook, Amazon, and Apple. [.].

Accountability 145

Accountability Malware Software 145

Bleeping Computer

JUNE 20, 2023

More than 101,000 ChatGPT user accounts have been compromised by information stealers over the past year, according to dark web marketplace data. [.]

Accountability 142

Accountability Malware 142

Bleeping Computer

DECEMBER 1, 2022

An Android malware campaign masquerading as reading and education apps has been underway since 2018, attempting to steal Facebook account credentials from infected devices. [.].

Accountability 99

Accountability Malware Education Mobile 99

Dark Reading

SEPTEMBER 12, 2023

The "MrTonyScam" has a surprisingly high success rate, spreading a Python-based stealer to some 100,000 business accounts per week.

Accountability 129

Accountability Malware 129

Bleeping Computer

DECEMBER 30, 2021

The Have I Been Pwned data breach notification service now lets you check if your email and password are one of 441,000 accounts stolen in an information-stealing campaign using RedLine malware. [.].

Accountability 144

Accountability Malware Data breaches Passwords 144

CSO Magazine

JULY 26, 2022

Helsinki-based cybersecurity vendor WithSecure (formerly F-Secure Business) says it has discovered an operation, dubbed “DUCKTAIL,” that uses social media-based spear phishing attacks to gain access to Facebook Business accounts. Previous attacks targeting Facebook did not target Facebook Business accounts in particular.

Accountability 80

Accountability Malware Media Phishing 80

Hacker Combat

OCTOBER 25, 2021

Google has reported that it disrupted the phishing attacks where threat actors had tried to hijack various YouTube accounts using cookie theft malware. The hijacker’s intent was to use those accounts to promote different crypto-currency scams. . The malware has the ability to steal passwords and cookies. and email.cz.

Accountability 99

Accountability Malware Scams Antivirus 99

Schneier on Security

DECEMBER 8, 2022

A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware. The whole system of authentication rests on the assumption that signing keys are kept secret by the legitimate signers.

Malware 307

Malware Authentication Accountability 307

Heimadal Security

OCTOBER 17, 2022

Cybersecurity researchers spotted a new ‘Ducktail’ phishing campaign that spreads Windows information-stealing malware written in PHP and uses it to steal Facebook accounts, browser data, and cryptocurrency wallets. Using social […].

Accountability 92

Accountability Malware Cryptocurrency Phishing 92

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The Have I Been Pwned data breach notification service now allows victims of the RedLine malware to check if their credentials have been stolen. SecurityAffairs – hacking, malware).

Accountability 133

Accountability Malware Data breaches Passwords 133

The Hacker News

JANUARY 5, 2024

Mobile network operator Orange Spain suffered an internet outage for several hours on January 3 after a threat actor used administrator credentials captured by means of stealer malware to hijack the border gateway protocol (BGP) traffic.

Accountability 78

Accountability Malware Hacking Mobile 78

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S. Image: USDOJ.

Malware 292

Malware Identity Theft Cybercrime Accountability 292

Bleeping Computer

JANUARY 8, 2024

The official Netgear and Hyundai MEA Twitter/X accounts (together with over 160,000 followers) are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. [.]

Accountability 123

Accountability Cryptocurrency Scams Hacking 123

Heimadal Security

APRIL 29, 2022

Account takeover, also known as ATO, is the act of hijacking an existing account and using it for criminal purposes. Account Takeover Examples The five most frequently met account takeover examples are malware replay attacks, social engineering, man-in-the-middle attacks, credential […].

Accountability 105

Accountability Social Engineering Engineering Malware 105

Heimadal Security

AUGUST 10, 2021

The malware, dubbed as FlyTrap works by stealing session cookies. The post Facebook Accounts Hijacked by FlyTrap Malware appeared first on Heimdal Security Blog. The researchers from the security company Zimperium discovered […]. The researchers from the security company Zimperium discovered […].

Accountability 98

Accountability Malware Social Engineering Media 98

Malwarebytes

JANUARY 11, 2024

Hackers have found a way to gain unauthorized access to Google accounts, bypassing any multi-factor authentication (MFA) the user may have set up. It doesn’t even help if the owner of the account changes their password. In this instance, Google has taken action to secure any compromised accounts detected.”

Accountability 145

Accountability Authentication Passwords Malware 145

The Hacker News

SEPTEMBER 15, 2023

An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. "The

Accountability 106

Accountability Manufacturing Malware Technology 106

Bleeping Computer

FEBRUARY 7, 2024

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. [.]

Passwords 131

Passwords Malware Cryptocurrency Advertising 131

The Hacker News

JULY 27, 2022

Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed Ducktail designed to seize control as part of a financially driven cybercriminal operation. "The

Accountability 95

Accountability Malware Advertising Cybersecurity 95

Bleeping Computer

MARCH 24, 2024

A new large-scale StrelaStealer malware campaign has impacted over a hundred organizations across the United States and Europe, attempting to steal email account credentials. [.]

Malware 128

Malware Accountability 128

The Hacker News

FEBRUARY 23, 2023

An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems' resources to mine cryptocurrency.

Cryptocurrency 85

Cryptocurrency Accountability Malware Media 85

Dark Reading

APRIL 28, 2023

Last year, Google banned 173,000 developer accounts and prevented 1.5 million apps from reaching the Play Store as it fought policy violations and malware.

Accountability 80

Accountability Malware 80