Cybercrime, Hacking, Information Security and Passwords

Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

Security Affairs

MARCH 15, 2024

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. Diaconu was operating the E-Root cybercrime marketplace. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime)

Cybercrime

Cybercrime Cryptocurrency Advertising Passwords

Hackers breached four prominent underground cybercrime forums

Security Affairs

MARCH 6, 2021

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. No other information looked to be compromised in the attack.”

Cybercrime

Cybercrime DDOS Hacking Passwords

New MacStealer macOS malware appears in the cybercrime underground

Security Affairs

MARCH 27, 2023

A new MacStealer macOS malware allows operators to steal iCloud Keychain data and passwords from infected systems. Uptycs researchers team discovered a new macOS information stealer, called MacStealer, which allows operators to steal iCloud Keychain data and passwords from infected systems.

Cybercrime

Cybercrime Malware Passwords Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

FBI will share compromised passwords with HIBP Pwned Passwords

Security Affairs

MAY 29, 2021

The FBI is going to share compromised passwords discovered during investigations with Have I Been Pwned (HIBP)’s ‘Pwned Passwords’ service. The Pwned Passwords service allows users to search for known compromised passwords and discover how many times they have been found in past data breaches.

Passwords

Passwords Data breaches Cybercrime Hacking

Diicot cybercrime gang expands its attack capabilities

Security Affairs

JUNE 19, 2023

Cado researchers recently detected an interesting attack pattern linked to an emerging cybercrime group tracked as Diicot (formerly, “Mexals”) and described in analyses published by Akamai and Bitdefender. This campaign specifically targets SSH servers exposed to the internet with password authentication enabled.

Cybercrime

Cybercrime DDOS Internet Internet

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In May 2021, over 36,000 email and password combinations for.edu email accounts were offered for sale on a publically available instant messaging platform. Pierluigi Paganini.

Cybercrime

Cybercrime Education Accountability Phishing

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] com , a service that sold access to billions of passwords and other data exposed in countless data breaches. In 2019, a Canadian company called Defiant Tech Inc. Abusewith[.]us

Hacking

Hacking Accountability Data breaches Marketing

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

AUGUST 13, 2020

A threat actor has released the databases of Utah-based gun exchange and hunting sites for free on a cybercrime forum. On August 10th, a hacker has leaked online the databases of Utah-based gun exchange for free on a cybercrime forum. The leaked data includes login names, hashed passwords, and email addresses.

Hacking

Hacking Data breaches Cybercrime Passwords

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.” Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Crooks hacked Mandiant X account to push cryptocurrency scam

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. “Sorry, change password please.”

Scams

Scams Cryptocurrency Accountability Hacking

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. SecurityAffairs – hacking, Zerologon). Pierluigi Paganini.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack. ” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media

Media Hacking Passwords Data breaches

Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

Security Affairs

FEBRUARY 27, 2021

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ?A breach #infosec #deepwebnews @FinanzasEc @EcuCERT_EC pic.twitter.com/WTbXz8EYLx — Security Chronicle (@SecurChronicle) February 23, 2021. Pierluigi Paganini.

Hacking

Hacking Banking Ransomware Passwords

Plex discloses data breach and urges password reset

Security Affairs

AUGUST 24, 2022

The streaming media platform Plex is urging its users to reset passwords after threat actors gained access to its database. Exposed data includes emails, usernames, and encrypted passwords. The company is urging all users to immediately reset account passwords and log out of all devices connected to its service.

Data breaches

Data breaches Passwords Media Accountability

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

These pieces of malware are created with the intent of stealing valuable data, such as login credentials, financial information, personal details, and more. This data may include usernames, passwords, credit card numbers, social security numbers, and other sensitive information.

Banking

Banking Cybercrime Malware Accountability

Medusa ransomware gang claims the hack of Toyota Financial Services

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Medusa Toyota has set the deadline for November 26 and has published a sample of the stolen data as proof of the hack.

Financial Services

Financial Services Hacking Ransomware Data breaches

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

” To defend against ransomware campaign like this one, NJCCIC provided the following recommendations: Security Awareness Training : Engage in security awareness training to enhance defense mechanisms and recognize potential signs of malicious communications.

Phishing

Phishing Ransomware Security Awareness Authentication

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. Experts noticed that in this supply chain attack, UNC2465 did not deliver the Darkside ransomware as the final payload, but they not exclude that the cybercrime group could move to a new RaaS operation.

Cybercrime

Cybercrime Ransomware Antivirus Software

Anonymous #OpRussia Thousands of sites hacked, data leaks and more

Security Affairs

MARCH 5, 2022

Anonymous announced to have hacked more than 2,500 websites linked to the Russian and Belarusian governments, state-owned media outlets spreading disinformation, Russian private organizations, banks, hospitals, airports. SecurityAffairs – hacking, Anonymous). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Hacking

Hacking Government Banking Media

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime

Cybercrime Hacking Data breaches Banking

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 24, 2024

surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices. Players hacked during the matches of Apex Legends Global Series. Is it a Russia’s weapon?

Malware

Malware Cybercrime Hacking Cyber threats

Indian video on demand giant ZEE5 has been hacked

Security Affairs

JUNE 7, 2020

The Indian video on demand giant ZEE5 has been hacked, attackers are threatening to sell the database on the cybercrime underground markets. Now, Kanishk Tagade from Quickcyber confirmed the hack of the Indian video streaming giant. . “A person or a hacking group claiming to have gained access to the network of ZEE5.com,

Hacking

Hacking Cybercrime Advertising Passwords

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. The password cracking software also acts as a dropper for the Sality P2P bot. ” concludes the report.

Passwords

Passwords Software Firmware Malware

New Windows Meduza Stealer targets tens of crypto wallets and password managers

Security Affairs

JULY 3, 2023

The malware also targets crypto wallet extensions, password managers, and 2FA extensions. The malware also collects a variety of data, including system info, browser info, password manager info, miner related registry info, and installed games info. The malware admin declared that their operations do not involve any ransom activities.

Password Management

Password Management Passwords Malware Antivirus

Law enforcement operation dismantled phishing-as-a-service platform LabHost

Security Affairs

APRIL 18, 2024

. “Australian offenders are allegedly among 10,000 cybercriminals globally who have used the platform, known as LabHost, to trick victims into providing their personal information, such as online banking logins, credit card details and passwords, through persistent phishing attacks sent via texts and emails.”

Phishing

Phishing Cybercrime Passwords Banking

Morgan Stanley discloses data breach after the hack of a third-party vendor

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The hack of the FTA server took place in March, but the hacker had access to the data of Morgan Stanley customers in May. ” reads the letter.

Data breaches

Data breaches Hacking Banking Financial Services

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. The Russian man stole roughly 117 million user records, including usernames, passwords, and emails. SecurityAffairs – hacking, cybercrime).

Hacking

Hacking Cybercrime Data breaches Advertising

A database containing data of +8.9 million Zacks users was leaked online

Security Affairs

JUNE 13, 2023

A database containing the personal information of more than 8.9 million Zacks Investment Research users was leaked on a cybercrime forum. A database containing personal information of 8,929,503 Zacks Investment Research users emerged on a popular hacking forum on June 10, 2023. ” reported HIBP.

Data breaches

Data breaches Passwords Cybercrime Encryption

Threat actor claims to have hacked European manufacturer of missiles MBDA

Security Affairs

JULY 31, 2022

Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. A threat actor that goes online with the moniker Adrastea , and that defines itself as a group of independent cybersecurity specialists and researchers, claims to have hacked MBDA. “Hello! .

Manufacturing

Manufacturing Hacking Passwords Cybersecurity

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Usually, these users have no idea their systems are compromised.

Malware

Malware VPN Internet Internet

AT&T is notifying millions of customers of data breach after a third-party vendor hack

Security Affairs

MARCH 10, 2023

AT&T is warning some of its customers that some of their information was exposed after the hack of a third-party vendor’s system. AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. Social Security Number, account passwords).

Data breaches

Data breaches Hacking Wireless Telecommunications

Swiss real estate agency Neho fails to put a password on its systems

Security Affairs

MAY 31, 2023

The file contained PostgreSQL and Redis databases credentials, including host, port, username, and password. Typically, these instances serve as potential treasure troves, housing crucial information such as customer records, payment data, and a myriad of other invaluable details. env) hosted on the official Neho’s website.

Passwords

Passwords Phishing Accountability Banking

Over 3.7 million accounts were compromised in the FlexBooker data breach

Security Affairs

JANUARY 7, 2022

Stolen data are now available for sale on multiple cybercrime forums. The threat actors claim the stolen database contains customer information, including names, emails, phone numbers, hashed passwords, and password salt. The data was found being actively traded on a popular hacking forum. million accounts.

Data breaches

Data breaches Accountability Passwords Cybercrime

France Travail data breach impacted 43 Million people

Security Affairs

MARCH 16, 2024

The security breach exposed the surnames, first names and social security numbers of impacted individuals. Email addresses, phone numbers, passwords and financial data are not exposed. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, France Travail)

Data breaches

Data breaches Cybercrime Government Ransomware

NBA is warning fans of a data breach after a third-party newsletter service hack

Security Affairs

MARCH 19, 2023

The data breach did not compromise usernames, passwords, and other information. “There is no indication that our systems, your username, password, or any other information you have shared with us have been impacted.”

Data breaches

Data breaches Hacking Passwords Phishing

Cisco was hacked by the Yanluowang ransomware gang

Security Affairs

AUGUST 10, 2022

The user had enabled password syncing via Google Chrome and had stored their Cisco credentials in their browser, enabling that information to synchronize to their Google account.” SecurityAffairs – hacking, Yanluowang ransomware). ” reads the analysis published by Cisco Talos. Pierluigi Paganini.

Ransomware

Ransomware Hacking VPN Phishing

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 20, 2023

Over 3,000 Android Malware spotted using unsupported/unknown compression methods to avoid detection WinRAR flaw enables remote code execution of arbitrary code #OpFukushima: Anonymous group protests against the plan to dump Fukushima RADIOACTIVE wastewater into Pacific Massive phishing campaign targets users of the Zimbra Collaboration email server (..)

Cybercrime

Cybercrime Hacking Malware Phishing

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. The Raccoon stealer is written in C++ by Russian-speaking developers that initially promoted it exclusively on Russian-speaking hacking forums. SecurityAffairs – hacking, malware).

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Security Affairs newsletter Round 423 by Pierluigi Paganini – International edition

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Social Engineering

Social Engineering Data breaches Ransomware Cybercrime

Okta says 375 customers impacted by the hack, but Lapsus$ gang says it is lying

Security Affairs

MARCH 23, 2022

The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Okta confirmed the security breach and revealed that it has impacted 2.5% Logged in to superuser portal with the ability to reset the Password and MFA of ~95% of clients isn’t successful?

Hacking

Hacking Engineering Passwords Data breaches

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

Upon installing the ransomware, it downloads two executable files, which include the password stealer “pones.exe” and “krots.exe,” (aka) KPOT, which allows threat actors to write to the compromised system’s temporary (TMP) file. SecurityAffairs – hacking, ransomware). The alert includes indicators of compromise and mitigations.

Ransomware

Ransomware Hacking Malware Encryption

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Security Affairs

APRIL 12, 2022

The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Europol will continue working with its international partners to make cybercrime harder – and riskier –to commit.

Cybercrime

Cybercrime Banking Accountability Hacking

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches

Data breaches Cybercrime Ransomware Passwords

Hackers may have accessed thousands of accounts on the California state welfare platform

Security Affairs

APRIL 27, 2024

Officials reported that the security breach occurred on February 9, when someone logged into some BenefitsCal users’ accounts. Threat actors exploited reused passwords obtained from third-party websites. Users are recommended to use strong passwords and avoid reusing the same credentials for multiple websites.

Accountability

Accountability Passwords Data breaches Hacking

Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

Hackers breached four prominent underground cybercrime forums

Webinars

Trending Sources

New MacStealer macOS malware appears in the cybercrime underground

Webinars

FBI will share compromised passwords with HIBP Pwned Passwords

Diicot cybercrime gang expands its attack capabilities

FBI: Compromised US academic credentials available on various cybercrime forums

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Threat actor leaked data for U.S. gun exchange site on hacking forum

15 billion credentials available in the cybercrime marketplaces

Crooks hacked Mandiant X account to push cryptocurrency scam

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Asian media firm E27 hacked, attackers asked for a “donation”

Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

Plex discloses data breach and urges password reset

Info stealers and how to protect against them

Medusa ransomware gang claims the hack of Toyota Financial Services

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Anonymous #OpRussia Thousands of sites hacked, data leaks and more

Alleged Extortioner of Psychotherapy Patients Faces Trial

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Indian video on demand giant ZEE5 has been hacked

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

New Windows Meduza Stealer targets tens of crypto wallets and password managers

Law enforcement operation dismantled phishing-as-a-service platform LabHost

Morgan Stanley discloses data breach after the hack of a third-party vendor

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

A database containing data of +8.9 million Zacks users was leaked online

Threat actor claims to have hacked European manufacturer of missiles MBDA

Who and What is Behind the Malware Proxy Service SocksEscort?

AT&T is notifying millions of customers of data breach after a third-party vendor hack

Swiss real estate agency Neho fails to put a password on its systems

Over 3.7 million accounts were compromised in the FlexBooker data breach

France Travail data breach impacted 43 Million people

NBA is warning fans of a data breach after a third-party newsletter service hack

Cisco was hacked by the Yanluowang ransomware gang

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs newsletter Round 423 by Pierluigi Paganini – International edition

Okta says 375 customers impacted by the hack, but Lapsus$ gang says it is lying

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Hackers may have accessed thousands of accounts on the California state welfare platform

Stay Connected