Security Affairs

JANUARY 15, 2025

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. Halcyon researchers pointed out that this ransomware campaign does not exploit any AWS vulnerability.

Encryption 120

Encryption Ransomware Authentication Accountability 120

Malwarebytes

APRIL 15, 2025

The car rental giants data was stolen in a ransomware attack leveraging a vulnerability in Cleo file sharing products. Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you dont use for anything else. Better yet, let a password manager choose one for you.

Data breaches 105

Data breaches Ransomware Passwords B2B 105

Malwarebytes

JANUARY 27, 2025

In May, UnitedHealth CEO Andrew Witty estimated that the ransomware attack compromised the data of a third of US individuals when he testified before the Senate Finance Committee on Capitol Hill. The ALPHV/BlackCat ransomware group claimed the initial attack. Change your password. Enable two-factor authentication (2FA).

Data breaches 127

Data breaches Healthcare Passwords Insurance 127

Krebs on Security

NOVEMBER 21, 2024

The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. The bot allowed the attackers to use the phished username, password and one-time code to log in as that employee at the real employer website.

Identity Theft 265

Identity Theft Phishing Cryptocurrency Accountability 265

The Last Watchdog

DECEMBER 6, 2022

Much more effective authentication is needed to help protect our digital environment – and make user sessions smoother and much more secure. Consider that some 80 percent of hacking-related breaches occur because of weak or reused passwords, and that over 90 percent of consumers continue to re-use their intrinsically weak passwords.

Authentication 203

Authentication Healthcare Artificial Intelligence Passwords 203

Security Affairs

NOVEMBER 25, 2024

Zyxel warns that a ransomware group has been observed exploiting a recently patched command injection issue in its firewalls. Zyxel warns that a ransomware gang has been observed exploiting a recently patched command injection vulnerability, tracked as CVE-2024-42057, in its firewalls for initial compromise.

Firewall 77

Firewall Ransomware VPN Firmware 77

Krebs on Security

APRIL 30, 2025

Members of Scattered Spider have been tied to the 2023 ransomware attacks against MGM and Caesars casinos in Las Vegas, but it remains unclear whether Buchanan was implicated in that incident. The Justice Department’s complaint against Buchanan makes no mention of the 2023 ransomware attack. ” U.S.

Identity Theft 191

Identity Theft Phishing Cryptocurrency Cybercrime 191

Malwarebytes

NOVEMBER 4, 2024

A ransomware attack against the City of Columbus, Ohio—which drew public scrutiny following the city government’s attempt to silence a researcher who told the public about the attack—has received a little more detail from an unexpected source: The Attorney General for the state of Maine. Change your password.

Data breaches 118

Data breaches Passwords Ransomware Phishing 118

Malwarebytes

MAY 1, 2025

These messages frequently warn recipients about a problem with their accounts, like a password that needs to be updated, a policy change that requires a login, or a delayed package that has to be approved. In reality, those usernames and passwords are delivered directly to cybercriminals on the other side of the website.

Small Business 89

Small Business Cybersecurity Passwords Scams 89

The Last Watchdog

NOVEMBER 19, 2023

As the companies face nine federal lawsuits for failing to protect customer data, it’s abundantly clear hackers have checkmated multi-factor authentication (MFA). But the coup de gras was how easily they brushed aside the multi-factor authentication protections. How they steamrolled multi-factor authentication is a reason for pause.

Social Engineering 310

Social Engineering Passwords Authentication Marketing 310

Security Affairs

AUGUST 31, 2023

Cisco is aware of attacks conducted by Akira ransomware threat actors targeting Cisco ASA VPNs that are not configured for multi-factor authentication. “This highlights the importance of enabling multi-factor authentication (MFA) in VPN implementations. . ” reads a post published by Cisco PSIRT. 200 and 162.35.92[.]242

Authentication 139

Authentication Ransomware VPN Hacking 139

Krebs on Security

SEPTEMBER 13, 2023

USDoD claimed they grabbed the data by using passwords stolen from a Turkish airline employee who had third-party access to Airbus’ systems. By stealing these tokens, attackers can often reuse them in their own web browser, and bypass any authentication normally required for that account. Microsoft Corp. government inboxes.

Cybercrime 341

Cybercrime Passwords Authentication Malware 341

The Last Watchdog

APRIL 11, 2022

From financial institutions to meat producers, it seems every industry has been impacted by ransomware in the past year — maybe even the past week. Related: Tech solutions alone can’t stop ransomware. Put simply, ransomware attacks are on the rise because of profits. At the macro level, password hygiene is abysmal.

Ransomware 235

Ransomware Social Engineering Passwords Engineering 235

Malwarebytes

MARCH 17, 2025

The FBI warned specifically about that malware leading to ransomware attacks, but we’ve also seen similar sites that install browser hijackers, adware, and potentially unwanted programs (PUPs). Other passwords and session tokens that could allow the scammers to bypass multi-factor authentication (MFA). Email addresses.

Malware 138

Malware Adware Education Phishing 138

Troy Hunt

APRIL 26, 2021

This strain of malware dates back as far as 2014 and it became a gateway into infected machines for other strains of malware ranging from banking trojans to credential stealers to ransomware. Change your email account password. Turn on 2 factor authentication wherever available. Keep operating systems and software patched.

Malware 363

Malware Passwords Banking Password Management 363

Malwarebytes

OCTOBER 25, 2024

The attack on Change Healthcare, which processes about 50% of US medical claims, was one of the worst ransomware attacks against American healthcare and caused widespread disruption in payments to doctors and health facilities. Change your password. You can make a stolen password useless to thieves by changing it.

Healthcare 120

Healthcare Data breaches Passwords Identity Theft 120

Digital Shadows

FEBRUARY 17, 2025

Key Findings First observed in March 2024, BlackLock (aka El Dorado or Eldorado) has rapidly emerged as a major player in the ransomware-as-a-service (RaaS) ecosystem. By Q4 2024, it ranked as the 7th most prolific ransomware group on data-leak sites, fueled by a staggering 1,425% increase in activity from Q3.

Ransomware 83

Ransomware Malware Risk Accountability 83

Thales Cloud Protection & Licensing

MAY 7, 2025

Traditional Multi-Factor Authentication (MFA), while a step up from password-only security, is no longer enough to fight modern phishing schemes. As malefactors hone their methods, entities must adopt phishing-resistant multi-factor authentication to secure their digital identities.

Phishing 71

Phishing Authentication Passwords Social Engineering 71

Malwarebytes

OCTOBER 19, 2023

The administrator password is "admin". Research has revealed that IT administrators are just as likely to do the tech equivalent of putting the key under the mat as end users, with both groups using similarly predictable passwords. For that reason, using default passwords is considered a serious security risk.

Passwords 134

Passwords Authentication Password Management Engineering 134

eSecurity Planet

AUGUST 19, 2022

One new tactic hackers have been using is to steal cookies from current or recent web sessions to bypass multi-factor authentication (MFA). Even cloud infrastructures rely on cookies to authenticate their users. Browsers allow users to maintain authentication, remember passwords and autofill forms.

Authentication 142

Authentication Password Management Passwords Malware 142

Digital Shadows

MARCH 17, 2025

This bypasses security barriers entirely, giving adversaries a direct path to infiltrate networks, steal data, and deploy ransomware undetected. For businesses, this means their compromised access can be resold multiple times, leaving them vulnerable to repeated attacks from different threat actors if passwords arent changed promptly.

VPN 133

VPN Authentication Ransomware Risk 133

Daniel Miessler

MAY 14, 2020

Use unique, strong passwords, and store them in a password manager. Many people get hacked from having guessable or previously compromised passwords. Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own. Automatic Logins Using Lastpass.

Risk 345

Risk Passwords Password Management Accountability 345

The Last Watchdog

JULY 11, 2024

Passwords have been the cornerstone of basic cybersecurity hygiene for decades. But as secure and user-friendly as these authentication methods are, cybercriminals are already busily sidestepping all forms of authentication – passwords, MFA, and passkeys – to sometimes devastating effect.

Authentication 124

Authentication Passwords Malware Accountability 124

Krebs on Security

APRIL 4, 2023

Several domain names tied to Genesis Market , a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. ” a cybercrime forum ad for Genesis enthused. Image: KrebsOnSecurity.

Marketing 363

Marketing Passwords Cybercrime Banking 363

Security Affairs

APRIL 26, 2025

MTN urges customers to stay vigilant by placing fraud alerts, updating apps, using strong passwords, avoiding suspicious links, and enabling multifactor authentication. At this time, no ransomware groups have claimed responsibility for an attack. The ransomware group has since leaked the stolen data on its dark web leak site.

Data breaches 108

Data breaches Telecommunications Financial Services Mobile 108

Security Affairs

NOVEMBER 2, 2024

is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data. Attackers can also trigger flaws to extract network details to infiltrate connected systems, increasing the risk of data breaches and ransomware attacks.

Firmware 124

Firmware Manufacturing IoT Healthcare 124

Krebs on Security

JULY 8, 2021

Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. “It’s a patch for their own software. ” The official description of CVE-2015-2862 says a would-be attacker would need to be already authenticated to the server for the exploit to work.

Software 327

Software Ransomware System Administration Authentication 327

SecureWorld News

NOVEMBER 7, 2024

In the same way, utilities around the world have experienced service disruptions as ransomware targets back-end systems. Strong authentication: Each device, no matter how small, should have strong, unique authentication measures to prevent unauthorized access. This is often due to a seemingly innocuous sensor compromise.

IoT 109

IoT Firmware Encryption Authentication 109

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country.

Ransomware 138

Ransomware Backups VPN Authentication 138

Malwarebytes

OCTOBER 6, 2023

Recently, Amazon announced that it will require all privileged Amazon Web Services (AWS) accounts to use multi-factor authentication (MFA) , starting in mid-2024. Our regular readers will know that we feel that passwords alone are not adequate protection , especially not for your important accounts.

Authentication 133

Authentication Passwords Social Engineering Accountability 133

eSecurity Planet

DECEMBER 4, 2024

This approach also helps to contain the spread of malware and ransomware, which, according to Microsoft’s Digital Defense Report, resulted in 93% of these attacks being successful due to them having access to so many privileged user accounts. Data Protection Windows 11 Enterprise introduced a new Personal Data Encryption feature.

Encryption 107

Encryption Phishing Passwords Authentication 107

Security Affairs

AUGUST 23, 2024

Sophos researchers investigated a Qilin ransomware breach attack that led to the theft of credentials stored in Google Chrome browsers. Sophos researchers investigated a Qilin ransomware attack where operators stole credentials stored in Google Chrome browsers of a limited number of compromised endpoints. ” concludes the report.

Ransomware 137

Ransomware Cybercrime Passwords VPN 137

Security Affairs

NOVEMBER 3, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency 111

Cryptocurrency Hacking Phishing Cyber Attacks 111

Malwarebytes

OCTOBER 4, 2023

On September 25, newcomer ransomware group RansomedVC claimed to have successfully compromised the computer systems of entertainment giant Sony. It looks as if this is fall-out from the attack on Sony that was claimed by the Cl0p ransomware gang in June. How to avoid ransomware Block common forms of entry. Prevent intrusions.

Ransomware 134

Ransomware Data breaches Passwords Backups 134

Trend Micro

FEBRUARY 19, 2025

In this blog entry, we discuss how Shadowpad is being used to deploy a new undetected ransomware family. Attackers deploy the malware by exploiting weak passwords and bypassing multi-factor authentication.

Malware 109

Malware Ransomware Passwords Authentication 109

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. “ Cl0p ” a.k.a.

Healthcare 328

Healthcare Backups Ransomware Insurance 328

IT Security Guru

FEBRUARY 25, 2025

A prime example is multi-factor authentication (MFA), a security process that requires users to verify their identity in two or more ways, such as a password, a code sent to their phone, or a fingerprint. MFA Bombing: Armed with the compromised username and password, they initiate a login attempt and trigger an MFA prompt.

Social Engineering 118

Social Engineering Authentication Risk Accountability 118