Remove 2012 Remove Accountability Remove Information Security
article thumbnail

Horde Webmail Software is affected by a dangerous bug since 2012

Security Affairs

Experts found a nine-year-old unpatched flaw in the Horde Webmail software that could allow access to email accounts. A feature in the Horde Webmail is affected by a nine-year-old unpatched security vulnerability that could be abused to gain complete access to email accounts simply by previewing an attachment. disable' => true.

Software 130
article thumbnail

Data Enrichment, People Data Labs and Another 622M Email Addresses

Troy Hunt

For example, there's Dun & Bradstreet's NetProspex which leaked 33M records in 2017 , Exactis who had 132M records breached last year and the Apollo data breach which exposed 126M accounts, one of which was my own. i speak at conferences around the world and run workshops on how to build more secure software within organisations.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking 124
article thumbnail

U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

Remote attackers can exploit the flaw to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012. is a Twilio Authy information disclosure vulnerability.

Internet 117
article thumbnail

Threat actors are offering for sale 550 million stolen user records

Security Affairs

Data appears to come from past data breaches, the oldest one dates back as 2012 while the latest one dates April 2020. million April 2018 Netlog.com (Twoo.com) 57 million November 2012 Dubsmash.com Phone numbers 47.1 million September 2012 Bukalapak.com 13 million February 2018 Bookmate.com 8 million July 2018 ReverbNation.com 7.9

article thumbnail

Russian national sentenced to 40 months for selling stolen data on the dark web

Security Affairs

The marketplace had been active since 2012, it was allowing sellers to offer stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts. Those credentials were subsequently linked to $1.2

Banking 132
article thumbnail

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

The Neverquest malware is able to log in to the victim’s online banking account and perform fraudulent transactions. Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, the managed a network of servers containing lists of millions of stolen login credentials.

Banking 133