Security Affairs

NOVEMBER 28, 2024

T-Mobile reported recent infiltration attempts but pointed out that threat actors had no access to its systems and no sensitive data was compromised. T-Mobile detected recent infiltration attempts but confirmed no unauthorized system access occurred, and no sensitive data was compromised. This is not the case at T-Mobile.”

Mobile 119

Mobile Telecommunications Government Internet 119

Krebs on Security

DECEMBER 2, 2020

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. OGUsers was hacked at least twice previously, in May 2019 and again in March 2020. called Disco Payments. ”

Accountability 348

Accountability Hacking Scams Media 348

Krebs on Security

AUGUST 18, 2021

T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. T-Mobile hasn’t yet responded to requests for clarification regarding how many of the 7.8

Mobile 261

Mobile Identity Theft Accountability Cybercrime 261

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The hacking campaign, called Salt Typhoon by investigators, hasn’t previously been publicly disclosed and is the latest in a series of incursions that U.S. Wall Street Journal reported.

Hacking 133

Hacking Internet Internet Government 133

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware 112

Spyware Hacking Surveillance Malware 112

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. ” Twice in the past year, the OGUsers forum was hacked , and both times its database of usernames, email addresses and private messages was leaked online.

Hacking 346

Hacking Accountability Scams Media 346

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft 265

Identity Theft Phishing Cryptocurrency Accountability 265

Webroot

MAY 9, 2025

The goal is to get you to give up sensitive personal details that can be used to hack into your accounts, and they are alarmingly successful. Photo credit: TextMagic Mobile security checklist Most of us use our phones for everything – banking, shopping, messaging, and storing personal information.

Scams 72

Scams Mobile Banking VPN 72

Krebs on Security

NOVEMBER 1, 2024

KrebsOnSecurity last week heard from a reader whose close friend received a targeted phishing message within the Booking mobile app just minutes after making a reservation at a California. One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account.

Phishing 272

Phishing Accountability Artificial Intelligence Cybercrime 272

Krebs on Security

FEBRUARY 4, 2021

Facebook told KrebsOnSecurity it seized hundreds of accounts — mainly on Instagram — that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion , SIM swapping , and swatting. THE MIDDLEMEN. WHAT YOU CAN DO.

Accountability 326

Accountability Hacking Media Mobile 326

Security Boulevard

AUGUST 7, 2024

The post Student Devices Wiped — Mobile Guardian Hacked AGAIN appeared first on Security Boulevard. Hackers ate my homework: MDM software for schools is breached for second time this year—13,000 devices wiped in Singapore alone.

Mobile 126

Mobile Hacking Software Data privacy 126

Malwarebytes

MAY 8, 2025

According to the original complaint against NSO Group, filed in October 2019, the spyware vendor used WhatsApp servers to send malware to around 1400 mobile phones. Keep threats off your mobile devices by downloading Malwarebytes for iOS , and Malwarebytes for Android today. Facebook has its own initiative.

Spyware 125

Spyware Hacking Surveillance Government 125

Schneier on Security

SEPTEMBER 24, 2020

The New York Times wrote about a still-unreleased report from Chckpoint and the Miaan Group: The reports, which were reviewed by The New York Times in advance of their release, say that the hackers have successfully infiltrated what were thought to be secure mobile phones and computers belonging to the targets, overcoming obstacles created by encrypted (..)

Government 278

Government Hacking Mobile Encryption 278

Schneier on Security

NOVEMBER 26, 2024

which are two recently released versions of Apple’s mobile operating system, according to documents describing the tool’s capabilities in granular detail obtained by 404 Media. The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, which was released on October 28.

Media 289

Media Manufacturing Mobile Hacking 289

The Last Watchdog

AUGUST 19, 2021

At the start of this week, word got out that hackers claimed to have seized personal data for as many as 100 million T-Mobile patrons. Related: Kaseya hack worsens supply chain risk. According to the attackers, this was a configuration issue on an access point T-Mobile used for testing. This was not a sophisticated attack.

Mobile 235

Mobile Data breaches Authentication Accountability 235

The Last Watchdog

MAY 18, 2023

Your go-to mobile apps aren’t nearly has hackproof as you might like to believe. Related: Fallout of T-Mobile hack Hackers of modest skill routinely bypass legacy security measures, even two-factor authentication, with techniques such as overlay attacks. And hard data shows instances of such breaches on the rise.

Mobile 202

Mobile Authentication Internet Internet 202

Krebs on Security

DECEMBER 13, 2022

USDoD told KrebsOnSecurity their phony application was submitted in November in the CEO’s name, and that the application included a contact email address that they controlled — but also the CEO’s real mobile phone number. “I wasn’t expected to be approve[d].”

Hacking 363

Hacking Energy and Utilities Cybercrime Accountability 363

Security Boulevard

JANUARY 8, 2025

The post Green Bay Packers Retail Site Hacked, Data of 8,500 Customers Exposed appeared first on Security Boulevard.

Retail 109

Retail Hacking Data privacy Data breaches 109

Krebs on Security

FEBRUARY 28, 2025

Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader , which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. A fake browser update page pushing mobile malware.

Malware 256

Malware Antivirus Software DDOS 256

Troy Hunt

OCTOBER 2, 2020

And as for the website I couldn't log into without being deferred back to the mobile app? This, along with many of the other fields above, is what makes it so sensational that the data was so trivially accessible by anyone who could exploit this simple flaw.

Accountability 364

Accountability Hacking Passwords InfoSec 364

Security Affairs

OCTOBER 22, 2024

A vulnerability resides in Samsung mobile processors and according to the experts, it has been chained with other vulnerabilities to achieve arbitrary code execution on vulnerable devices. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Samsung)

Firmware 145

Firmware Mobile Spyware Media 145

Security Affairs

AUGUST 6, 2024

Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices. Hackers breached the mobile device management (MDM) firm Mobile Guardian, the company detected unauthorized access to iOS and ChromeOS devices on August 4th. ” reported the MOE.

Mobile 144

Mobile Education Hacking Cybercrime 144

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But it’s worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website.

Hacking 329

Hacking Social Engineering Phishing Scams 329

Krebs on Security

AUGUST 6, 2020

Hacked or ill-gotten accounts at consumer data brokers have fueled ID theft and identity theft services of various sorts for years. IP addresses and dates tied to the consumer’s online activities; -vehicle registration, and property ownership information. .” In 2013, KrebsOnSecurity broke the news that the U.S.

Accountability 363

Accountability Identity Theft Hacking Insurance 363

Security Affairs

NOVEMBER 25, 2024

” An SMS blaster attack is a cyberattack where a large number of malicious or fraudulent SMS messages are sent to mobile devices within a specific area or to a targeted group. SMS blaster attacks can exploit vulnerabilities in mobile networks and typically require proximity to the targeted devices for localized attacks.

Mobile 127

Mobile Scams Technology Telecommunications 127

Security Affairs

OCTOBER 17, 2024

VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. ” VMware HCX (Hybrid Cloud Extension) is a workload mobility platform designed to simplify the migration, rebalancing, and continuity of workloads across data centers and clouds.

Authentication 134

Authentication Mobile Hacking Information Security 134

The Last Watchdog

MAY 23, 2023

As digital transformation accelerates, Application Programming Interfaces (APIs) have become integral to software development – especially when it comes to adding cool new functionalities to our go-to mobile apps. Hackers know just how vulnerable companies are at this moment.

Mobile 200

Mobile Digital transformation Financial Services Software 200

Security Boulevard

MAY 5, 2025

A 25-year-old California man will plead guilty to hacking into a Disney's personal computer and using stolen credentials to break into thousands of Disney Slack channels. The post California Man Will Plead Guilty to Last Years Disney Hack appeared first on Security Boulevard.

Hacking 89

Hacking Data privacy Data breaches Mobile 89

Security Affairs

OCTOBER 31, 2024

Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. ” [link] The financial organization announced that it had resumed its mobile and online platforms after recent outages and sought to assure customers that their funds were not impacted by the security incident.

Data breaches 131

Data breaches Financial Services Hacking Mobile 131

Security Affairs

MARCH 29, 2025

“The emergence of the Crocodilus mobile banking Trojan marks a significant escalation in the sophistication and threat level posed by modern malware. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware) . ” ThreatFabric concludes.

Banking 71

Banking Mobile Identity Theft Malware 71

Security Affairs

OCTOBER 28, 2024

million mobile and fixed subscribers. “This suspected data breach reportedly affects Free Mobile and Freebox customers, with the data leak dating back to October 17, 2024, according to the cybercriminals.” Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A. ” wrote the cyber evangelist SaxX.

Cyber Attacks 129

Cyber Attacks Telecommunications Data breaches Banking 129

Security Affairs

SEPTEMBER 21, 2024

A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users. Europol supported European and Latin American law enforcement agencies in dismantling an international criminal network that unlocks stolen or lost mobile phones using a phishing platform.

Mobile 135

Mobile Phishing Computers and Electronics Marketing 135

Krebs on Security

DECEMBER 29, 2024

Much of my summer was spent reporting a story about how advertising and marketing firms have created a global free-for-all where anyone can track the daily movements and associations of hundreds of millions of mobile devices , thanks to the ubiquity of mobile location data that is broadly and cheaply available.

Scams 237

Scams Cybercrime Cryptocurrency Social Engineering 237

Security Affairs

APRIL 19, 2025

Threat actors are actively exploiting a remote code execution flaw in SonicWall Secure Mobile Access (SMA) appliances since January 2025. Arctic Wolf researchers warn that threat actors actively exploit a vulnerability, tracked as CVE-2021-20035 (CVSS score of 7.1), in SonicWall Secure Mobile Access (SMA) since at least January 2025.

Passwords 110

Passwords VPN Firewall Accountability 110

Krebs on Security

OCTOBER 17, 2024

” However, the DDoS machine the Omer brothers allegedly built was not made up of hacked devices — as is typical with DDoS botnets. As Hamas fighters broke through the border fence and attacked Israel on Oct. 7, 2023, a wave of rockets was launched into Israel.

DDOS 265

DDOS Government Internet Internet 265

Schneier on Security

OCTOBER 22, 2021

Someone has been hacking telecommunications networks around the world: LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures.

Telecommunications 360

Telecommunications Architecture Mobile Hacking 360

Security Affairs

MARCH 28, 2025

. “Preliminary findings indicate that the suspects developed malware called Mamont, which they distributed via Telegram channels under the guise of safe mobile applications and video files. Crooks typically disguise the malicious code as legitimate mobile apps or video files.

Banking 118

Banking Computers and Electronics Mobile Malware 118