Krebs on Security

JANUARY 11, 2021

Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The data may also include your address and phone number if you have provided that to us.”

Passwords 362

Passwords Authentication Firmware Accountability 362

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “The data includes: IPs.

VPN 132

VPN Passwords Firewall Firmware 132

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group.

Hacking 249

Hacking Cybercrime Advertising Data breaches 249

Troy Hunt

FEBRUARY 26, 2018

tl;dr - a collection of nearly 3k alleged data breaches has appeared with a bunch of data already proven legitimate from previous incidents, but also tens of millions of addresses that haven't been seen in HIBP before. It's also interesting because among nearly 3k other breaches, the data contains Dropbox.

Data breaches 242

Data breaches Passwords Accountability Financial Services 242

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. that provides voice, video, data, and Internet telecommunications to consumers in France. The seller also published a sample of the stolen data and some screenshots. Free S.A.S.

Cyber Attacks 127

Cyber Attacks Telecommunications Data breaches Banking 127

Troy Hunt

FEBRUARY 25, 2025

We've also added 244M passwords we've never seen before to Pwned Passwords and updated the counts against another 199M that were already in there. This is just one of many channels involved in cybercrime, but it's noteworthy due to the huge amount of freely accessible data.

Passwords 362

Passwords Accountability VPN Malware 362

Krebs on Security

MAY 7, 2022

Apple , Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. “I worry about forgotten password recovery for cloud accounts.” Image: Blog.google.

Passwords 271

Passwords Authentication Accountability Backups 271

Webroot

APRIL 22, 2025

If a company you do business with becomes part of a data breach, cybercriminals may have full access to your confidential information. Unfortunately, data breaches are on the rise and affecting more companies and consumers than ever. billion people received notices that their information was exposed in a data breach.

Data breaches 75

Data breaches Identity Theft Passwords eCommerce 75

Troy Hunt

NOVEMBER 5, 2018

Often it's related to data breaches or sloppy behaviour on behalf of some online service playing fast and loose with HTTPS or passwords or some other easily observable security posture. It's totally going to kill passwords! I know, massive shock right?

Passwords 264

Passwords Authentication Data breaches Accountability 264

The Last Watchdog

NOVEMBER 22, 2021

More Americans than ever are working remotely and seeking out entertainment online, and this increase of internet activity has fueled a dramatic spike in cybercrime. With so much critical data now stored in the cloud, how can people protect their accounts? Proper password hygiene doesn’t require a degree in rocket science.

Passwords 244

Passwords Password Management Accountability Data breaches 244

Tech Republic Security

OCTOBER 11, 2024

The Internet Archive, a non-profit digital library best known for its Wayback Machine, has disclosed a major data breach affecting over 31 million users.

Internet 190

Internet Internet Accountability Data breaches 190

Troy Hunt

NOVEMBER 7, 2018

It's just another day on the internet when the news is full of headlines about accounts being hacked. This is when hackers try usernames and password combos leaked in data breaches at other companies, hoping that some users might have reused usernames and passwords across services.

Passwords 272

Passwords Accountability Hacking Education 272

Malwarebytes

OCTOBER 14, 2024

Update now! Last week on ThreatDown: Hands-on-keyboard (HOK) attacks: How ransomware gangs attack in real-time Ransomware insurance is funding cybercrime, says White House official 5 tools IT admins should block right now Stay safe!

Data breaches 129

Data breaches Surveillance Insurance DDOS 129

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database.

Passwords 363

Passwords Password Management Phishing Scams 363

Troy Hunt

NOVEMBER 21, 2017

But it's exactly what it sounds like and on Thursday next week, I'll be up in front of US congress on the other side of the world testifying about the impact of data breaches. For a bit more context, I've been chatting with folks from the House Energy and Commerce Committee for a while now about the mechanics of data breaches.

Data breaches 235

Data breaches InfoSec Backups IoT 235

Malwarebytes

MARCH 26, 2025

Internet security expert and educator Troy Hunt disclosed this week that he had been hit by one of the oldestand most provenscams in the online world: A phishing attack. Hunt also noticed that, when he tried to log into his Mailchimp account by following the phishing emails link, his password manager did not auto-fill his account details.

Phishing 133

Phishing Data breaches Password Management Scams 133

Krebs on Security

OCTOBER 18, 2024

22, 2022, in which they offered the email address and password for 659 members of the Brazilian Federal Police. Additional reporting revealed National Public Data had inadvertently published its own passwords on the Internet.

Social Engineering 278

Social Engineering Passwords Cybercrime Mobile 278

Krebs on Security

NOVEMBER 14, 2024

A week after breaking the story about the 2013 data breach at Target, KrebsOnSecurity published Who’s Selling Cards from Target? . “I’m also godfather of his second son.” ” Dmitri Golubov, circa 2005. Image: U.S. Postal Investigative Service. “Hi, how are you?” ” he inquired.

Retail 274

Retail Advertising Cryptocurrency Cybercrime 274

The Last Watchdog

AUGUST 19, 2021

The configuration issue made this access point publicly available on the Internet. T-Mobile is offering two free years of identity protection for affected customers, but ultimately this is pushing the responsibility for the safety of the data onto the user. For T-Mobile, this is the sixth major breach since 2018.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Malwarebytes

FEBRUARY 14, 2025

Over the years Zacks has suffered a few data breaches. In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The most recent data in this database is from May 2020. This breach is also being publicly shared on the internet. Change your password.

Accountability 99

Accountability Data breaches Passwords Phishing 99

Hot for Security

APRIL 28, 2021

The online musical instrument marketplace Reverb has suffered a data breach which has exposed the personal details of 5.6 According to Diachenko, the exposed data included information about high profile rock musicians such as Bill Ward of Black Sabbath, Jimmy Chamberlin of the Smashing Pumpkins, Alessandro Cortini of Nine Inch Nails.

Data breaches 139

Data breaches Passwords Internet Internet 139

Security Affairs

JULY 8, 2024

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. billion passwords from various internet data leaks.

Passwords 133

Passwords Data breaches Hacking Accountability 133

Security Affairs

JANUARY 3, 2021

Data from major cyber security firms revealed that tens of billion records have been exposed in data breaches exposed in 2020. Below the list of top data breaches that took place in the last 12 months: May 2020 – CAM4 adult cam site leaked 11B database records including emails, private chats.

Data breaches 145

Data breaches Cybercrime Hacking Passwords 145

Hot for Security

JUNE 8, 2021

The most extensive data leak collection to date, dubbed ‘RockYou2021’, was dumped on popular hacking forums earlier this month. billion password entries, presumably obtained from previous data leaks and breaches. Cybercriminals can use the database to conduct password-spraying or brute force attacks.

Passwords 145

Passwords Accountability Password Management Internet 145

Adam Levin

JULY 10, 2020

2020 is on the path to becoming a record-breaking year for data breaches and compromised personal data. While the number of publicly reported breaches in Q1 2020 decreased by 58% compared to 2019, the coronavirus pandemic gave cybercriminals new ways to thrive,” wrote Bitdefender researcher and blogger Alina Bizga.

Data breaches 252

Data breaches Social Engineering Antivirus Scams 252

Zero Day

JUNE 6, 2025

X Trending Memorial Day tech sales 2025 Memorial Day TV sales 2025 Memorial Day lawn & outdoor sales 2025 Memorial Day phone sales 2025 Memorial Day health tracker sales 2025 Memorial Day headphone sales 2025 Memorial Day laptop sales 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best (..)

Password Management 128

Password Management Passwords Software Artificial Intelligence 128

Adam Levin

MARCH 23, 2020

Secure Your Router: If you’re still using your router’s manufacturer default password, it’s past time for a change. Your password should be include letters, numbers and special characters in a combination you haven’t used on other accounts. Update Account Passwords: Don’t reuse passwords from other accounts.

Manufacturing 245

Manufacturing Passwords Phishing Accountability 245

SecureWorld News

MARCH 24, 2022

Now, headlines about ransomware, cyberattacks, and data breaches pour into social media feeds as steady as a river flows. SecureWorld News takes a look at some of the largest data breaches to ever occur. Top 10 most significant data breaches. Yahoo data breach (2013). Who attacked: no attacker.

Data breaches 130

Data breaches Passwords Accountability Government 130

The Last Watchdog

JUNE 9, 2021

Massive data base breaches today generally follow a distinctive pattern: hack into a client -facing application; manipulate an API; follow the data flow to gain access to an overly permissive database or S3 bucket (cloud storage). A classic example of this type of intrusion is the Capital One data breach.

Data breaches 203

Data breaches Software Hacking Mobile 203

Malwarebytes

JUNE 3, 2022

Welcome to Internet Safety Month, a once-a-year event in which you, the public, are told that anywhere between three and 30 different best practices will simplify your approach to staying safe online. This year, then, for Internet Safety Month, we’re packaging our advice a little differently. Do use strong passwords.

Internet 136

Internet Internet Scams Passwords 136

CyberSecurity Insiders

AUGUST 12, 2021

The Korean based company that is into the business of perfume and clothes selling said that the data leak took place on August 8th, 2021 and was because of a cyber attack on a cloud based data storage firm. The post Data Breach on French Luxury brand Chanel appeared first on Cybersecurity Insiders.

Data breaches 145

Data breaches Social Engineering Retail Cyber Attacks 145

CyberSecurity Insiders

DECEMBER 26, 2022

Now, reports are in that the database of the Pennsylvania based digital services provider was hit by a cyber attack leading to a data breach, thus leaking details to hackers. And when they tried to access the account, their attempts failed as their passwords were changed.

Data breaches 133

Data breaches Accountability Internet Internet 133

Webroot

APRIL 30, 2025

In todays digital world, passwords have become a necessary part of life. May 1, 2025, is World Password Day , a reminder that passwords are the unsung heroes of cybersecurity, the first line of defense for all your sensitive personal data. World Password Day is more relevant than ever in todays evolving threat landscape.

Passwords 65

Passwords Password Management Accountability Malware 65

Malwarebytes

MAY 1, 2025

These messages frequently warn recipients about a problem with their accounts, like a password that needs to be updated, a policy change that requires a login, or a delayed package that has to be approved. In reality, those usernames and passwords are delivered directly to cybercriminals on the other side of the website.

Small Business 103

Small Business Cybersecurity Scams Passwords 103

Malwarebytes

JULY 3, 2024

‘Buy now, pay later’ payment specialist Affirm has warned that holders of its payment cards had their personal information exposed after a ransomware attack and data breach at Evolve Bank & Trust. According to Evolve , the attack started after “an employee inadvertently clicked on a malicious internet link.”

Data breaches 120

Data breaches Banking Passwords Phishing 120

Troy Hunt

DECEMBER 15, 2021

The machine had full disk encryption and it's not known whether the thief was ever actually able to access the data. Is this a data breach? the Red Cross wasn't hacked either and that was clearly a data breach. It's not clear if the car was locked or not. They want answers.

Data breaches 359

Data breaches Hacking Passwords Accountability 359

Graham Cluley

MARCH 15, 2022

Last month, the LAPSUS$ hacking group stole up to one terabyte of internal data, including hashed passwords, from graphics card maker NVIDIA.

Passwords 145

Passwords Internet Internet Hacking 145