Krebs on Security

APRIL 27, 2023

Customers can access a Salesforce Community website in two ways: Authenticated access (requiring login), and guest user access (no login required). This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information.

Banking 284

Banking Government Information Security Authentication 284

Security Affairs

APRIL 18, 2024

LabRat was designed to capture two-factor authentication codes and credentials, allowing the criminals to bypass enhanced security measures.” A Melbourne man and an Adelaide man, who police will allege were LabHost users, were arrested during the warrants and charged with cybercrime-related offences. ” The U.K.

Phishing 94

Phishing Cybercrime Passwords Banking 94

Security Affairs

MARCH 14, 2023

Microsoft warns of large-scale phishing attacks orchestrated with an open-source adversary-in-the-middle (AiTM) phishing kit available in the cybercrime ecosystem Adversary-in-the-middle (AiTM) phishing kits are becoming an essential technology in the cybercrime ecosystem that is used by multiple threat actors to launch phishing attacks.

Phishing 74

Phishing Cybercrime Authentication Mobile 74

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. businesses called #ShieldsUp.

Cybersecurity 214

Cybersecurity Cybercrime Education Passwords 214

Security Affairs

MARCH 17, 2024

France Travail data breach impacted 43 Million people Scranton School District in Pennsylvania suffered a ransomware attack Lazarus APT group returned to Tornado Cash to launder stolen funds Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case UK Defence Secretary jet hit by an electronic warfare attack in Poland Cisco (..)

Data breaches 102

Data breaches Computers and Electronics Cybercrime Ransomware 102

Security Affairs

JANUARY 14, 2024

The investigation started in January 2023 when a cloud provider approached Europol and shared information regarding compromised cloud user accounts. ” continues the press release. .” ” continues the press release.

Cryptocurrency 101

Cryptocurrency Cybercrime Accountability Authentication 101

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 105

VPN Cybercrime Ransomware Hacking 105

Security Affairs

MARCH 30, 2024

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. In August 2021, the group asked $1 million for the entire database, or $200,000 for access, according to the RestorePrivacy website that examined a sample that appears authentic.

Data breaches 132

Data breaches Telecommunications Cybercrime Hacking 132

Security Affairs

FEBRUARY 16, 2021

Experts pointed out that attacks abusing the ngrok platform are hard to detect because connections to subdomains of ngrok.com are not filtered by security measures. Experts provided a list of ngrok -based attacks conducted by cybercrime organizations and nation-stated actors such as Fox Kitten and Pioneer Kitten APT groups.

Phishing 124

Phishing Cybercrime Mobile Internet 124

Security Affairs

JUNE 2, 2021

Group-IB discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum. The database supposedly contains information about DDoS-Guard’s customers, including their names, IP-addresses, and payment information. The seller registered this account on exploit[.]in

DDOS 104

DDOS Cybercrime Authentication Accountability 104

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 85

Spyware Data breaches Hacking Ransomware 85

Security Affairs

AUGUST 15, 2022

Researchers from Cyber looked for VNC exposed over the internet and discovered over 8000 VNC instances with authentication disabled, most of them in China, Sweden, and the United States. Cyble also reported that threat actors are selling access to systems exposed on the Internet via VNC on cybercrime forums. ” Cyble states.

Internet 94

Internet Internet Risk Cybercrime 94

Security Affairs

MARCH 26, 2024

In May 2018, researchers from security firm Qihoo 360 Netlab reported that cybercriminals that targeted the Dasan GPON routers were using another new zero-day flaw affecting the same routers and recruit them in their botnet. Once the rules have been created, a thread connects to an NTP server from a roster of authentic NTP servers.

IoT 120

IoT Cybercrime Internet Internet 120

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 87

Cybercrime Malware Hacking Accountability 87

Security Affairs

JULY 2, 2023

WordPress sites using the Ultimate Member plugin are under attack LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC Avast released a free decryptor for the Windows version of the Akira ransomware Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor miniOrange’s WordPress Social Login and Register plugin (..)

Cybercrime 84

Cybercrime Hacking Ransomware Malware 84

Security Affairs

APRIL 15, 2024

Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers. The security breach occurred on April 1, 2024, the threat actors used a Provider employee’s credentials that illicitly obtained through a phishing attack.

Data breaches 112

Data breaches Social Engineering Engineering Authentication 112

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 85

Spyware Hacking Malware Social Engineering 85

Security Affairs

MARCH 28, 2023

Disinformation: ChatGPT excels at producing authentic sounding text at speed and scale. Cybercrime: In addition to generating human-like language, ChatGPT is capable of producing code in a number of different programming languages. ” states the report published by Europol.

Artificial Intelligence 92

Artificial Intelligence Social Engineering Cybercrime Engineering 92

Security Affairs

FEBRUARY 10, 2021

Europol investigators revealed that the cybercrime organization stole more than $100 million worth of cryptocurrency using SIM Swapping attacks. “This enabled them to steal money, bitcoin and personal information, including contacts synced with online accounts. SecurityAffairs – hacking, cybercrime). Pierluigi Paganini.

Cybercrime 79

Cybercrime Cryptocurrency Accountability Authentication 79

Security Affairs

NOVEMBER 29, 2022

In early October, Fortinet addressed the critical authentication bypass flaw, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. On October 18, Fortinet confirmed the critical authentication bypass vulnerability is being exploited in the wild. ” concludes the post.

VPN 99

VPN Firewall Authentication Internet 99

Security Affairs

FEBRUARY 25, 2024

Uninstall it immediately Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers ConnectWise fixed critical flaws in ScreenConnect remote access tool More details about Operation Cronos that disrupted Lockbit operation Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider (..)

Spyware 93

Spyware Cyber Insurance Hacking Advertising 93

Security Affairs

DECEMBER 29, 2023

, Safer Secure Browser, Sputnik, Nichrome, CocCoc Browser, Uran, Chromodo, Yandex Browser, 7Star, Chedot, CentBrowser, Iridium, Opera Stable, Opera Neon, Opera Crypto Developer, Opera GX, Elements Browser, Citrio, Sleipnir5 ChromiumViewer, QIP Surf, Liebao, Coowon, ChromePlus, Rafotech Mustang, Suhba, TorBro, RockMelt, Bromium, Twinkstar, CCleaner (..)

Password Management 123

Password Management Cryptocurrency Passwords Authentication 123

Security Affairs

MARCH 12, 2021

Below the details of the ProxyLogon vulnerabilities: The first zero-day, tracked as CVE-2021-26855 , is a server-side request forgery (SSRF) vulnerability in Exchange that could be exploited by an attacker to authenticate as the Exchange server by sending arbitrary HTTP requests.

Cyber Attacks 121

Cyber Attacks Cybercrime Authentication Hacking 121

Security Affairs

OCTOBER 7, 2021

A proof of concept exploit for two authentication bypass vulnerabilities in Dahua cameras is available online, users are recommended to immediately apply updates. “The identity authentication bypass vulnerability found in some Dahua products during the login process.

Authentication 124

Authentication Firmware Hacking Engineering 124

Security Affairs

JULY 31, 2021

The data has been initially leaked on a cybercrime forum, but now copies of the stolen data are circulating on different underground sites. The hackers used stolen authentication cookies for an EA internal Slack channel that were bought in the Genesis black marketplace.

Data breaches 145

Data breaches Cybercrime Hacking Engineering 145

Security Affairs

APRIL 27, 2024

The attack chain starts with fake application updates for popular software, such as the Chrome browser and the Austrian digital authentication application. Brokewell employs overlay attacks to overlap a fake screen over legitimate applications, capturing user credentials. The malicious code also has the capability to steal cookies.

Malware 104

Malware Spyware Authentication Mobile 104

Security Affairs

MARCH 22, 2022

Microsoft recently announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. Now the cybercrime gang claims to have leaked the source code for some Microsoft projects, including Bing and Cortana.

Cybercrime 89

Cybercrime Telecommunications VPN Hacking 89

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 103

Social Engineering Spyware Data breaches Surveillance 103

Security Affairs

DECEMBER 21, 2023

A treasure trove for bad actors Personally identifiable information from car renting companies is highly valued among black-hat hackers and is often sold in batches on cybercrime marketplaces on the dark web. Additionally, users are advised to enable multi-factor authentication wherever possible.

Mobile 102

Mobile Identity Theft Passwords Phishing 102

Security Affairs

MARCH 18, 2020

It could be exploited by a remote, authenticated attacker to execute arbitrary code on vulnerable installs. An attempted attack requires user authentication.” The vulnerability could be exploited by an authenticated attacker to “manipulate certain agent client components.”. An attempted attack requires user authentication.”

Authentication 103

Authentication Advertising Antivirus Cybercrime 103

Security Affairs

OCTOBER 30, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. The IT giant urged Windows administrators to install the released security updates as soon as possible.

Authentication 131

Authentication Advertising Architecture Cybercrime 131

Security Affairs

JANUARY 28, 2024

Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE) CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog 5379 GitLab servers vulnerable to zero-click account takeover attacks Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204 Akira ransomware attack on Tietoevry (..)

Artificial Intelligence 93

Artificial Intelligence Hacking Malware Cyber Attacks 93

Security Affairs

OCTOBER 11, 2022

.” The toolkit provides templates for a broad range of targets, including Chinese and Russian organizations, which is quite uncommon in the cybercrime ecosystem. Caffeine is advertised on multiple cybercrime underground forums, its subscription models are more expensive compared with other PhaaS platforms. Pierluigi Paganini.

Phishing 87

Phishing Cybercrime Accountability Advertising 87

CyberSecurity Insiders

MAY 22, 2021

NEW YORK–( BUSINESS WIRE )– Veridium , a leading developer of frictionless, passwordless authentication solutions, is proud to announce that it’s won the 2021 Global InfoSec Award in the category of Next-Gen in Passwordless Authentication. “We For more information, please visit www.veridiumid.com. About Veridium.

InfoSec 52

InfoSec B2C B2B Authentication 52

Security Affairs

FEBRUARY 10, 2022

Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts. Do not store passwords, usernames, or other information for easy login on mobile device applications. Be aware of any changes in SMS-based connectivity.

Mobile 89

Mobile Cryptocurrency Authentication Accountability 89

Security Affairs

JANUARY 13, 2024

An unauthenticated, remote attacker can exploit the vulnerability to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. Cisco investigated the hacking campaign with the help of Rapid7.

Ransomware 108

Ransomware Backups VPN Authentication 108

Security Affairs

APRIL 5, 2023

The rapidly evolving threat facing FIs today is that fraudsters have learned how to successfully game Know Your Customer (KYC) and business authentication processes successfully. The discovery of STYX also highlights the need for international cooperation in combating cybercrime.

Banking 77

Banking Cybercrime Accountability Risk 77