Remove Event Remove Hacking Remove Information Security
article thumbnail

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

million records containing employee data on the hacking forum BreachForums. Compromised data includes names, contact information, building locations, email addresses, and more. Exposed data did not include Social Security numbers or financial information. A threat actor using the handle Nam3L3ss leaked over 2.8

article thumbnail

Pwn2Own Ireland 2024 Day 2: participants demonstrated an exploit against Samsung Galaxy S24

Security Affairs

On day two of Pwn2Own Ireland 2024 , hackers demonstrated attacks against 51 zero-day vulnerabilities, earning a total of $358,625, prizes that we have sum to the $516,250 earned by participants on the first day of the event. ” reads the announcement published by ZDI. ” reads the announcement published by ZDI. CONFIRMED!!

Hacking 125
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Security Affairs

The Mongolian Skimmer captures final data entries using the beforeunload event, ensures cross-browser compatibility with various event-handling techniques, and employs anti-debugging tactics by monitoring formatting changes to detect and evade debugging attempts.

article thumbnail

Scammers live-streamed on YouTube a fake Apple crypto event

Security Affairs

Scammers live-streamed on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. Cybercriminals were live-streaming on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. SecurityAffairs – hacking, scam).

Scams 133
article thumbnail

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds.

Hacking 112
article thumbnail

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

” NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. ” said U.S.

article thumbnail

New ‘Bring Your Own Installer (BYOI)’ technique allows to bypass EDR

Security Affairs

Forensics showed rapid version changes, installer file use, and event log entries tied to EDR tampering. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,BYOI) Once disabled the EDR agent, the attackers deployed the Babuk ransomware.