Security Affairs

DECEMBER 17, 2023

MongoDB on Saturday announced it is investigating a cyberattack that exposed customer account metadata and contact information. MongoDB on Saturday disclosed it is investigating a cyber attack against certain corporate systems. ” The US firm urges customers to be vigilant for social engineering and phishing attacks.

Social Engineering 119

Social Engineering Data breaches Cyber Attacks Accountability 119

Security Affairs

JANUARY 15, 2020

P&N Bank discloses data breach, customer account information, balances exposed. The Australian P&N Bank is notifying its customers a data breach that has exposed personally identifiable information (PII) and sensitive account data. SecurityAffairs – hacking, data breach).

Data breaches 57

Data breaches Banking Cyber Attacks Accountability 57

Security Affairs

DECEMBER 19, 2023

Comcast’s Xfinity discloses a data breach after a cyber attack hit the company by exploiting the CitrixBleed vulnerability. Comcast’s Xfinity is notifying its customers about the compromise of their data in a cyberattack that involved the exploitation of the CitrixBleed flaw.

Authentication 108

Authentication Data breaches Passwords Internet 108

Security Affairs

APRIL 28, 2024

A credential stuffing attack is a type of cyber attack where hackers use large sets of username and password combinations, typically obtained from previous data breaches, phishing campaigns, or info-stealer infections, to gain unauthorized access to user accounts on various online services.

VPN 110

VPN Accountability Firewall Data breaches 110

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 87

Data breaches Cybercrime Ransomware Passwords 87

Security Affairs

JUNE 28, 2020

” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. If you use the legacy email and password login, your passwords are encrypted, but we highly encourage that you change it. We do not store any credit card or payment related information on our servers.”

Media 142

Media Hacking Passwords Data breaches 142

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Social Engineering 88

Social Engineering Data breaches Ransomware Cybercrime 88

Security Affairs

NOVEMBER 28, 2021

Italy’s Antitrust Agency fines Apple and Google for aggressive practices of data acquisition HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes IKEA hit by a cyber attack that uses stolen internal reply-chain emails Marine services provider Swire Pacific Offshore (SPO) hit by Clop ransomware Threat actors target crypto and (..)

Spyware 81

Spyware Data breaches Cyber Attacks Ransomware 81

Security Affairs

MARCH 24, 2024

surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices. Is it a Russia’s weapon? Players hacked during the matches of Apex Legends Global Series.

Malware 100

Malware Cybercrime Hacking Cyber threats 100

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile 93

Mobile Telecommunications Data breaches Identity Theft 93

Security Affairs

JANUARY 3, 2021

com service that had been previously selling access to data from data breaches. WeLeakInfo.com was a data breach notification service that was allowing its customers to verify if their credentials been compromised in data breaches. ” reads the announcement published by the UK NCA.

Data breaches 113

Data breaches Cybercrime Cyber Attacks Advertising 113

Security Affairs

MARCH 12, 2022

Video game company Ubisoft has suffered a ‘cyber security incident’ that had a severe impact on games, systems, and services. The rumors of a cyber attack against Ubisoft circulated online in the last few days, while data extortion group LAPSUS$ claimed to have hacked the company.

Data breaches 87

Data breaches Telecommunications Hacking Cyber Attacks 87

SecureWorld News

APRIL 7, 2021

Some University of California employees and students are being threatened by cybercriminals following a data breach within the University of California system. for secure file transfers and the list of known victims in this breach is growing. University uses data breach as learning opportunity.

Data breaches 53

Data breaches Information Security Passwords Backups 53

Thales Cloud Protection & Licensing

OCTOBER 24, 2022

The two key themes of the campaigns led by the United States and the European Union – ‘ See Yourself in Cyber ’ and ‘ Think Before U Click ’ - demonstrate that while cybersecurity may seem like a complex technical subject, ultimately, it’s really all about people. Data breaches damage trust. Keep your information secure.

Security Awareness 71

Security Awareness Data breaches Social Engineering Phishing 71

Security Affairs

MARCH 4, 2022

The Russian government fears the consequence of data breaches suffered by its organizations or possible interference by third-party nation state actors that could exploit the ongoing attacks to carry out covet cyber attacks.

DDOS 87

DDOS DNS Backups Data breaches 87

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles.

Ransomware 124

Ransomware Passwords Scams Government 124

Security Affairs

MAY 27, 2022

. “The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publically accessible forums. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means.

Cybercrime 131

Cybercrime Education Accountability Phishing 131

Security Affairs

MARCH 6, 2021

” The nature of the data breaches leads the experts into excluding that the hacks were the result of law enforcement operations. In January, experts noticed on the popular Raid Forums an advertisement for the Verified’s database containing registered users’ data and their private messages, posts, and threads.

Cybercrime 145

Cybercrime DDOS Hacking Passwords 145

Security Affairs

FEBRUARY 20, 2023

The crooks have yet to publish samples of the stolen data as proof of the security breach. At this time, it is unclear the volume and the type of data stolen by the ransomware gang. CNN Portugal confirmed that the National Cybersecurity Center and the Judiciary Police are investigating the security breach.

Ransomware 89

Ransomware Cyber Attacks Cybercrime Hacking 89

Security Affairs

SEPTEMBER 10, 2021

The UN’s spokesman Dujarric declared that its the security team of its organization had already detected the attack. . Initially, UN experts stated that no data was exfiltrated, but Resecurity’s team found evidence of a data breach. One of the offices that were hit by a sophisticated cyber attack is the U.N.

Hacking 117

Hacking Data breaches Cyber Attacks Software 117

Security Affairs

AUGUST 28, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

DDOS 70

DDOS Data breaches Malware Antivirus 70

Security Affairs

MARCH 7, 2021

jailbreaking tool Attackers took over the Perl.com domain in September 2020 Bug bounty hunter awarded $50,000 for a Microsoft account hijack flaw Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys Cyber Defense Magazine – March 2021 has arrived.

Data breaches 70

Data breaches Data collection Ransomware Hacking 70

Security Affairs

OCTOBER 21, 2022

Electricity company EnergyAustralia suffered a security breach, threat actors had access to information on 323 customers. Another Australian organization was hit by a severe cyber attack, this time the victim is the Electricity company EnergyAustralia. EnergyAustralia is the country’s third-largest energy retailer.

Passwords 56

Passwords Small Business Banking Retail 56

Krebs on Security

OCTOBER 28, 2020

Five months later, Gunnebo disclosed it had suffered a cyber attack targeting its IT systems that forced the shutdown of internal servers. But the password to the Gunnebo RDP account — “password01” — suggests the security of its IT systems may have been lacking in other areas as well. ”

Hacking 344

Hacking Ransomware Banking Accountability 344

Security Affairs

AUGUST 16, 2022

A cyber attack disrupted the IT operations of South Staffordshire Water, a company supplying drinking water to 1.6M South Staffordshire Water has issued a statement confirming the security breach, the company pointed out that the attack did not impact the safety and water distribution systems. consumers daily.

Cyber Attacks 83

Cyber Attacks Ransomware Media Passwords 83

Security Affairs

APRIL 6, 2022

Ukraine’s technical security and intelligence service warns of threat actors targeting aimed at gaining access to users’ Telegram accounts. State Service of Special Communication and Information Protection (SSSCIP) of Ukraine spotted a new wave of cyber attacks aimed at gaining access to users’ Telegram accounts.

Accountability 103

Accountability Phishing Passwords Hacking 103

Security Affairs

DECEMBER 22, 2019

The best news of the week with Security Affairs. Iran announced to have foiled a second cyber-attack in a week. Largest hospital system in New Jersey was hit by ransomware attack. A thief stole hard drives containing Facebook payroll data from a car. A study reveals the list of worst passwords of 2019.

Data breaches 55

Data breaches Retail Advertising Passwords 55

Security Affairs

MARCH 1, 2020

ISS reveals malware attack impacted parts of the IT environment. ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia. FBI recommends using passphrases instead of complex passwords. Slickwraps discloses data leak that impacted 850,000 user accounts. Lampion malware v2 February 2020.

Banking 91

Banking Malware Advertising Ransomware 91

Security Affairs

SEPTEMBER 29, 2019

Thinkful forces a password reset for all users after a data breach. TortoiseShell Group targets IT Providers in supply chain attacks. Czech Intelligence ‘s report attributes major cyber attack to China. Heyyo dating app left its users data exposed online. APT or not APT? The Dumb-Proof Guide.

Data breaches 52

Data breaches Advertising Malware VPN 52

Security Affairs

DECEMBER 25, 2022

Expert found Backdoor credentials in ZyXEL LTE3301 M209 Raspberry Robin malware used in attacks against Telecom and Governments TikTok parent company ByteDance revealed the use of TikTok data to track journalists BetMGM discloses security breach impacting 1.5 Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Ransomware 91

Ransomware Hacking Malware Encryption 91

Security Affairs

JULY 8, 2023

Google addressed 3 actively exploited flaws in Android Iran-linked APT TA453 targets Windows and macOS systems Bangladesh government website leaked data of millions of citizens A man has been charged with a cyber attack on the Discovery Bay water treatment facility Progress warns customers of a new critical flaw in MOVEit Transfer software CISA and (..)

Firewall 84

Firewall Ransomware Password Management Malware 84

Hacker's King

MAY 14, 2023

With businesses and individuals relying heavily on technology to store and process sensitive information, there is a growing need for cybersecurity professionals to protect these systems from cyber-attacks and data breaches. These tools could be anything from network scanning tools to password-cracking software.

Cybersecurity 40

Cybersecurity Cyber Attacks Marketing Hacking 40

Security Affairs

MARCH 17, 2023

Insider assaults are more challenging to identify and thwart than external attacks, according to 48% of respondents. It can be challenging for defences to distinguish between insider threats and regular user activity since insider threats employ genuine accounts, passwords, and IT technologies.

Social Engineering 81

Social Engineering Risk Technology Cybersecurity 81

Security Affairs

OCTOBER 23, 2020

In at least one compromise, the APT actor laterally traversed an SLTT victim network and accessed documents related to sensitive network configurations and passwords, standard operating procedures (SOP), IT instructions, such as requesting password resets, vendors and purchasing information. printing access badges.

Government 115

Government Hacking Advertising Passwords 115

Security Affairs

DECEMBER 25, 2022

Expert found Backdoor credentials in ZyXEL LTE3301 M209 Raspberry Robin malware used in attacks against Telecom and Governments TikTok parent company ByteDance revealed the use of TikTok data to track journalists BetMGM discloses security breach impacting 1.5 Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Ransomware 52

Ransomware Hacking Malware Encryption 52

NopSec

AUGUST 16, 2022

The CIS Critical Security Controls can be seen as a roadmap for implementing a successful cybersecurity program. SANS is an organization dedicated to information security training and security certification, and the Critical Security Controls effort focuses on prioritizing security controls that have demonstrated real-world effectiveness.

Penetration Testing 52

Penetration Testing Social Engineering Firewall Software 52

Security Affairs

MARCH 10, 2022

Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. A Telegram channel was used to coordinate the efforts and plan the cyber-attacks that will be conducted by the IT Army.

DDOS 84

DDOS Digital transformation Malware Advertising 84