Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 107

VPN Cybercrime Ransomware Hacking 107

Security Affairs

NOVEMBER 3, 2021

Experts warn of the availability in the cybercrime underground of offers for initial access to networks of players in global supply chains. “It’s extremely beneficial that security teams in the shipping industry monitor and track adversaries, their tools and malicious behavior to stop attacks from these criminals.”

Cybercrime 109

Cybercrime VPN Ransomware Hacking 109

The Last Watchdog

OCTOBER 24, 2022

Employee security awareness is the most important defense against data breaches. Related: Leveraging security standards to protect your company. It involves regularly changing passwords and inventorying sensitive data. As such, you should limit the amount of information that employees have access to.

Passwords 214

Passwords Security Awareness Data breaches Cybersecurity 214

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. Crooks could use the credentials to launch credential stuffing attacks leveraging the data available in the black marketplaces. SecurityAffairs – hacking, cybercrime marketplaces).

Cybercrime 118

Cybercrime Antivirus Marketing Accountability 118

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 110

VPN Accountability Firewall Data breaches 110

Security Affairs

NOVEMBER 28, 2023

In the meantime, the company declared they are just “Experiencing Interruption in Phone Service” At the time the group has published a.txt file that contains the list of the alleged stolen data. The Daixin Team is a ransomware and data extortion group that has been active since at least June 2022.

Hacking 120

Hacking VPN Ransomware Cybercrime 120

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 97

Artificial Intelligence VPN Hacking Firewall 97

Security Affairs

JUNE 20, 2021

New Device Fingerprint Spoofing Tool Available in Dark Web The source code of the Paradise Ransomware was leaked on XSS hacking forum Fujifilm restores operations after recent ransomware attack Cyberium malware-hosting domain employed in multiple Mirai variants campaigns A flaw in Peloton Bike+ could allow hackers to control it An international joint (..)

Data breaches 100

Data breaches DDOS Small Business Ransomware 100

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The Have I Been Pwned data breach notification service now allows victims of the RedLine malware to check if their credentials have been stolen.

Accountability 132

Accountability Malware Data breaches Passwords 132

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. Nikulin used data stolen from Linkedin to launch spear-phishing attacks against employees at other companies, including Dropbox. SecurityAffairs – hacking, cybercrime).

Hacking 78

Hacking Cybercrime Data breaches Advertising 78

Security Affairs

JANUARY 13, 2024

” The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices. The attackers exploited the vulnerability CVE-2023-20269 in Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD).

Ransomware 111

Ransomware Backups VPN Authentication 111

Security Affairs

MAY 9, 2021

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager UNC2529, a new sophisticated cybercrime gang that targets U.S.

Data breaches 88

Data breaches DDOS VPN Hacking 88

Security Affairs

DECEMBER 3, 2022

Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be chained with other two bugs to gain full root privileges Attack of drones: airborne cybersecurity nightmare Cuba Ransomware received over $60M in Ransom payments as of August 2022 Android Keyboard Apps with 2 Million downloads can remotely hack your device New (..)

Spyware 93

Spyware Data breaches VPN Hacking 93

Security Affairs

AUGUST 8, 2021

Ivanti fixed a critical code execution issue in Pulse Connect Secure VPN RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna VMware addresses critical flaws in its products CVE-2021-20090 actively exploited to target millions of IoT devices worldwide RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE.

VPN 99

VPN Ransomware Manufacturing IoT 99

Security Affairs

JANUARY 3, 2021

HackerOne announces first bug hunter to earn more than $2M in bug bounties SolarWinds releases updated advisory for SUPERNOVA backdoor Vermont Hospital confirmed the ransomware attack E-commerce app 21 Buttons exposes millions of users data Finland confirms that hackers breached MPs emails accounts Multi-platform card skimmer targets Shopify, BigCommerce, (..)

Data breaches 96

Data breaches Mobile VPN Firewall 96

Security Affairs

JANUARY 13, 2024

” The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices. The attackers exploited the vulnerability CVE-2023-20269 in Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD).

Ransomware 86

Ransomware Backups VPN Authentication 86

Security Affairs

MARCH 21, 2022

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data.

Hacking 93

Hacking Telecommunications InfoSec Cybercrime 93

Security Affairs

DECEMBER 18, 2022

years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M Samba addressed multiple high-severity vulnerabilities Former Twitter employee sentenced to 3.5

Data breaches 92

Data breaches Hacking DDOS VPN 92

Security Affairs

APRIL 23, 2022

The popular investigator and journalist Brian Krebs first surmised that the LAPSUS$ gang has breached T-Mobile after he reviewed a copy of the private chat messages between members of the cybercrime group. Telegram channels that were restricted to the core seven members of the group – Source KrebsonSecurity. ” wrote Krebs.

Mobile 96

Mobile VPN Social Engineering Telecommunications 96

Security Affairs

MARCH 21, 2020

” reads the data breach notification published by the company. “At this time, we strongly believe that the incident was the result of a ransomware attack and do not have any evidence that customer or employee data was accessed or exfiltrated, nor do we believe our clients’ networks were impacted.”

Cyber Attacks 114

Cyber Attacks Data breaches Advertising Ransomware 114

Security Affairs

NOVEMBER 29, 2020

A cyberattack crippled the IT infrastructure of the City of Saint John Hundreds of female sports stars and celebrities have their naked photos and videos leaked online Romanians arrested for running underground malware services Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs Computer Security and Data Privacy, the perfect alliance (..)

Data breaches 86

Data breaches Social Engineering Ransomware Malware 86

Security Affairs

JANUARY 22, 2023

The Irish DPC fined WhatsApp €5.5M

Data breaches 90

Data breaches Retail Malware VPN 90

Security Affairs

SEPTEMBER 10, 2020

Equinix, one of the leaders in the global colocation data center market share, with 205 data centers in 25 countries on five continents, was hit by Netwalker ransomware operators. The popular cybercrime gang is demanding a $4.5 million ransom for a decryptor and to prevent the release of the stolen data.

Ransomware 107

Ransomware VPN Data breaches Advertising 107

Security Affairs

JANUARY 19, 2020

Hacker offers for sale 49 million user records from US data broker LimeLeads. P&N Bank data breach may have impacted 100,000 West Australians. Chinese police arrested the operator of unauthorized VPN service that made $1.6 Law enforcement seized WeLeakInfo.com for selling access to data from data breaches.

Data breaches 54

Data breaches Advertising VPN Cybercrime 54

Security Affairs

OCTOBER 24, 2021

Supply-chain attack on NPM Package UAParser, which has millions of daily downloads Facebook SSRF Dashboard allows hunting SSRF vulnerabilities Groove ransomware group calls on other ransomware gangs to hit US public sector DarkSide ransomware operators move 6.8M

Artificial Intelligence 59

Artificial Intelligence Ransomware Hacking VPN 59

Security Affairs

OCTOBER 3, 2021

Threat actors exploit a flaw in Coinbase 2FA to steal user funds Flubot Android banking Trojan spreads via fake security updates Th Tim’s RED Team Research reports 3 new CVEs, two of which in 4G/5G Baby died at Alabama Springhill Medical Center due to cyber attack Hydra Android trojan campaign targets customers of European banks Neiman Marcus discloses (..)

Banking 52

Banking Data breaches Malware VPN 52

Security Affairs

OCTOBER 25, 2022

The Hive ransomware gang, which claimed the responsibility for the Tata Power data breach, started leaking data. Threat actors hit the Information Technology (IT) infrastructure of the company. The company confirmed that the security breach impacted “some of its IT systems.”. key files.

Ransomware 88

Ransomware Data breaches Cyber Attacks Engineering 88

Security Affairs

SEPTEMBER 12, 2022

Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user. The attacker ultimately succeeded in achieving an MFA push acceptance, granting them access to VPN in the context of the targeted user. .

Ransomware 100

Ransomware VPN Authentication Phishing 100

Security Affairs

NOVEMBER 14, 2021

Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server GravityRAT returns disguised as an end-to-end encrypted chat app Intel and AMD address high severity vulnerabilities in products and drivers New evolving Abcbot DDoS botnet targets Linux systems Retail giant Costco discloses data breach, payment card data exposed (..)

Spyware 53

Spyware Data breaches Ransomware Retail 53

Security Affairs

AUGUST 7, 2022

of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5%

Spyware 123

Spyware Manufacturing Small Business Surveillance 123

Security Affairs

JANUARY 1, 2022

The popular whistleblower Edward Snowden recommends customers of ExpressVPN VPN service to stop using it. The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. This post includes Top Posts for the last 365 days.

Hacking 96

Hacking VPN Passwords Ransomware 96

Security Affairs

JANUARY 15, 2023

Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4

Small Business 88

Small Business Password Management VPN Healthcare 88

Security Affairs

NOVEMBER 17, 2019

TA505 Cybercrime targets system integrator companies. Tracking Iran-linked APT33 group via its own VPN networks. Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure. Facebook is secretly using iPhones camera as users scroll their feed.

DDOS 52

DDOS Spyware Advertising Ransomware 52

Security Affairs

APRIL 3, 2022

Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church UK Police charges two teenagers for their alleged role in the Lapsus$ extortion group Beastmode Mirai botnet now includes exploits for Totolink routers Ukraine intelligence leaks names of 620 alleged Russian FSB agents Critical CVE-2022-1162 flaw in GitLab allowed threat (..)

Firewall 78

Firewall Hacking DDOS VPN 78

Security Affairs

SEPTEMBER 27, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT 102

IoT Banking Advertising Ransomware 102

Security Affairs

MARCH 10, 2022

It is injected with the malicious code, which consists of the Phoenix information stealer.” The variant employed in the attack against the IT Army is able to steal a broad range of data, including web browser data, VPN tools, Discord, Steam, and cryptocurrency wallets. ” continues the report. 35) on port 6666.

DDOS 84

DDOS Digital transformation Malware Advertising 84

Security Affairs

FEBRUARY 4, 2024

Ransomware Revenue Down As More Victims Refuse to Pay Energy giant Schneider Electric hit by Cactus ransomware attack Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web Fla.

Identity Theft 106

Identity Theft VPN Malware Ransomware 106