Krebs on Security

MAY 21, 2021

Gwin contacted KrebsOnSecurity after hearing from job seekers trying to verify the ad, which urged respondents to email Gwin at a Gmail address that was not his. Gwin said LinkedIn told him roughly 100 people applied before the phony ads were removed for abusing the company’s terms of service. “Almost 100 people applied.

Scams 363

Scams Accountability Advertising Engineering 363

Malwarebytes

MAY 9, 2024

As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain protected health information. On its company website it touts over 7,000,000 patient interactions. The thieves may contact you posing as the vendor. Watch out for fake vendors.

Data breaches 90

Data breaches Healthcare Passwords Phishing 90

Adam Levin

APRIL 18, 2019

Facebook announced that it “unintentionally” harvested the email contacts of 1.5 The social media company automatically uploaded the information from users who had registered with the site after 2016 and provided their email addresses and passwords. million people’s email contacts may have been uploaded.

Passwords 205

Passwords Accountability Media Identity Theft 205

Malwarebytes

APRIL 18, 2024

The Federal Trade Commission (FTC) has reached a settlement with online mental health services company Cerebral after the company was charged with failing to secure and protect sensitive health data. Many organizations are unclear about how much information the social media companies behind the tracking pixels can gather.

Data breaches 113

Data breaches Passwords Phishing Password Management 113

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. InfraGard , a program run by the U.S.

Hacking 361

Hacking Energy and Utilities Cybercrime Accountability 361

Krebs on Security

SEPTEMBER 20, 2021

In a bid to minimize these scenarios, a growing number of major companies are adopting “ Security.txt ,” a proposed new Internet standard that helps organizations describe their vulnerability disclosure practices and preferences. An example of a security.txt file. well-known/security.txt. ” GET READY TO BE DELUGED.

Retail 305

Retail Healthcare Internet Internet 305

Malwarebytes

MAY 2, 2024

Only then it becomes apparent that the real advertiser is not CNN, but instead a company called Yojoy Network Technology Co., These tech support scammers will impersonate legitimate software companies (i.e. They can later use the information you provide to block people/companies. Change all your passwords.

Scams 138

Scams Advertising Identity Theft Passwords 138

Security Affairs

JANUARY 25, 2024

Cisco addressed a critical flaw in its Unified Communications and Contact Center Solutions products that could lead to remote code execution. Cisco released security patches to address a critical vulnerability, tracked as CVE-2024-20253 (CVSS score of 9.9), impacting multiple Unified Communications and Contact Center Solutions products.

Hacking 122

Hacking Information Security 122

The Hacker News

SEPTEMBER 29, 2023

The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor posing as a recruiter for Meta.

110

110

Krebs on Security

MARCH 23, 2021

The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders used that time to steal Social Security numbers and sensitive files on thousands of state workers, and to send targeted phishing messages to at least 9,000 other workers and their contacts. Source: sco.ca.gov. .

Phishing 281

Phishing Data breaches Accountability Technology 281

Security Affairs

OCTOBER 27, 2023

The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. The gang claims to have stolen a huge amount of sensitive data from the company and threatens to publish it if Boeing does not contact them within the deadline (02 Nov, 2023 13:25:39 UTC).

Ransomware 134

Ransomware Manufacturing InfoSec Hacking 134

Security Affairs

SEPTEMBER 17, 2023

According to the statement published on the CardX official website on September 15th, the company experienced a cybersecurity incident that exposed personal information related to personal loan and cash card applications. The company assures that this information cannot be used for financial transactions.

Banking 132

Banking Cybersecurity Accountability Hacking 132

Security Affairs

JANUARY 10, 2024

The company immediately launched an investigation into the incident and discovered that threat actors in August gained access to a company server and stolen unencrypted files. The company recommends that impacted individuals monitor account statements, explanations of benefits, and credit bureau reports.

Data breaches 105

Data breaches Healthcare Hacking Accountability 105

Malwarebytes

MAY 10, 2024

Feel free to contact me to discuss use cases and opportunities. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify any contacts using a different communication channel. It is up to date information registered at Dell servers. Take your time.

Data breaches 96

Data breaches Passwords Phishing Big data 96

Malwarebytes

NOVEMBER 16, 2023

An alarm system company that allows those in need to ask for help at the touch of a button has suffered a cyberattack, causing serious disruption. It has engaged a specialized cybersecurity company to investigate the situation. Some Android phones offer the option to add emergency contacts. This will need to be done first.

Healthcare 121

Healthcare Risk Mobile Cybersecurity 121

Joseph Steinberg

OCTOBER 24, 2022

million customers; the hacker has even offered to show the stolen data pertaining to 100 customers as evidence of their successfully having breached the company. million customers; the hacker has even offered to show the stolen data pertaining to 100 customers as evidence of their successfully having breached the company.

Cybersecurity 338

Cybersecurity Social Engineering Artificial Intelligence Scams 338

Security Affairs

MAY 11, 2024

This week IntelBroker also announced on a Breach Forums the sale of the access to “one of the largest cyber security companies.” IntelBroker did not reveal the name of the compromised security firm, but the threat actor announced in the BF ShoutBot that the company is ZScaler. Revenue: $1.8

Hacking 98

Hacking Data breaches Cybercrime Cryptocurrency 98

The Hacker News

DECEMBER 16, 2023

MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information.

Accountability 102

Accountability Software 102

Security Affairs

MARCH 12, 2024

In practice, fake insurance operators contact victims through calls, messages, or sponsorships on social networks, offering policies at advantageous prices. After the first contact via instant messaging channels, further documents are then requested and a quote is provided.

Insurance 102

Insurance Scams Education Engineering 102

Krebs on Security

MARCH 20, 2024

The site offers to sell a report containing photos, police records, background checks, civil judgments, contact information “and much more!” ” Imagine that: Two different people-search companies mentioned in the same story about fantasy football. How many more fake companies and profiles are connected to this scheme?

Marketing 252

Marketing Technology Data privacy Advertising 252

Schneier on Security

JULY 21, 2022

BitSight found the device in use in 169 countries, with customers including governments, militaries, law enforcement agencies, and aerospace, shipping, and manufacturing companies. The security firm said it first contacted Micodus in September to notify company officials of the vulnerabilities.

Manufacturing 296

Manufacturing Surveillance Mobile Authentication 296

CyberSecurity Insiders

MARCH 20, 2023

The company immediately pulled down the compromised servers from the corporate computer network and began remediation efforts. However, the company did not find any evidence that the leaked info accessed, stolen or misused by the threat actors were being misused. that’s great! Ferrari S.p.A

Ransomware 116

Ransomware Scams Data breaches Banking 116

Malwarebytes

MARCH 25, 2024

In a filing with the Securities and Exchanges Commission (SEC) , parent company V.F. It is unclear whether VF Corporation was able to use the decryptor made available after law enforcement seized control of ALPHV’s infrastructure, even though ALPHV reportedly claimed that the company tried to obtain a decryptor from law enforcement.

Data breaches 117

Data breaches Phishing Identity Theft Passwords 117

Security Affairs

APRIL 10, 2024

A ransomware group contacted the organization claiming the theft of data. Our discovery was confirmed when the attacker, a foreign ransomware gang, contacted GHC-SCW claiming responsibility for the attack and stealing our data,” continues the notification letter.

Data breaches 117

Data breaches Ransomware Insurance Encryption 117

Malwarebytes

JANUARY 15, 2024

In November 2023, real estate services company Fidelity National Financial (FNF) got its systems knocked offline for a week after a cyberincident. Form 8-K is known as a “current report” and it is the report that companies must file with the SEC to announce major events that shareholders should know about. Watch out for fake vendors.

Data breaches 103

Data breaches Identity Theft Passwords Ransomware 103

Security Affairs

MAY 13, 2024

Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company. Firstmac Limited is an Australian owned company with experience in home and investment loans. They have a range of market insurance products backed by international company, Allianz Group.

Data breaches 63

Data breaches Cyber Attacks Identity Theft Banking 63

Malwarebytes

DECEMBER 21, 2023

For some customers, other personal information may have been exposed, such as names, contact information, the last four digits of social security numbers, dates of birth, and secret questions combined with answers. Although you would expect a large company like Comcast to have some type of vulnerability and patch management deployed.

Data breaches 109

Data breaches Passwords Identity Theft Phishing 109

Malwarebytes

DECEMBER 19, 2023

A major mortgage and loan company based in Dallas, working under the name Mr. Cooper Group Inc. In a data breach notification , the company didn’t say what type of cyberattack caused the compromise of customer data, calling it a rather non-descriptive “External system breach (hacking).” Watch out for fake vendors.

Data breaches 121

Data breaches Identity Theft Passwords Phishing 121

Security Affairs

OCTOBER 27, 2023

Cybernews contacted the company for an official comment but received no reply at the time of writing. In 2018, business magazine Fast Company selected the company as one of the Top 50 Most Innovative Companies in the World. Launched nine years ago, the New York-based platform has publicly raised $56.5

Authentication 107

Authentication Engineering Passwords Software 107

Security Boulevard

FEBRUARY 8, 2022

A contact form for customer inquiries is one of the most common features present on the websites of most companies. It provides an easy way for prospective customers to get in touch with the company. The post How contact forms can be exploited to conduct large scale phishing activity?

Phishing 98

Phishing 98

Security Affairs

NOVEMBER 2, 2023

Boeing confirmed it is facing a cyber incident that hit its global services division, the company pointed out that flight safety isn’t affected. The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. In 2022, Boeing recorded $66.61

Manufacturing 106

Manufacturing Ransomware Cybercrime Hacking 106

Malwarebytes

APRIL 12, 2023

Companies which can supposedly help you remove sextortion content or shut down blackmailers, offer to help those in need of assistance. These organisations may be contacted by the victims directly (for example, via adverts or search engine results) or they may make contact by another method.

Scams 90

Scams Advertising Media Engineering 90

Malwarebytes

APRIL 2, 2024

In its latest statement, the company confirmed that the leak contained “AT&T data-specific fields,” but said it had not yet determined the source of that data. In a separate statement, the company also said it is reaching out to the people affected by the breach. The thieves may contact you posing as the vendor.

Data breaches 144

Data breaches Passwords Phishing Accountability 144

The Hacker News

AUGUST 25, 2023

The incident, which took place on August 19, 2023, targeted the employee's T-Mobile account, the company said. Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee's phone

Data breaches 95

Data breaches Mobile Accountability Risk 95

Security Affairs

APRIL 8, 2024

The company announced that it deleted DOJ data from its systems after the incident. According to the data breach notification sent by Greylock McKinnon Associates to the Main Attorney General, the company was the victim of a sophisticated cyberattack. The data breach occurred on May 30, 2023, and was discovered on February 7, 2024.

Data breaches 114

Data breaches Identity Theft Insurance Hacking 114

Security Affairs

JANUARY 30, 2024

Schneider Electric is a multinational company that specializes in energy management, industrial automation, and digital transformation. BleepingComputer first reported the attack that hit the Sustainability Business division of the company on January 17th. BleepingComputer contacted Schneider Electric which confirmed the data breach.

Ransomware 129

Ransomware Hacking Data breaches Digital transformation 129

Security Affairs

SEPTEMBER 30, 2023

Exposed records include customers’ names, addresses, dates of reservation, payment method, and contact information. TB) containing names, addresses, dates of reservation, payment method, and contact information. We are giving you 5 days before a catastrophe occurs for your company.”

Hacking 117

Hacking Ransomware Manufacturing Media 117