2014, Information Security and Passwords

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Security Affairs

FEBRUARY 19, 2020

Password Protection & Authentication. Passwords are the baseline of cybersecurity. Luckily, applying AI into the mix can make passwords more secure. Before, a password was a word or phrase. One thing better than having an incredibly good password is to have a lot of them. Multi-Factor Authentication.

Artificial Intelligence

Artificial Intelligence Information Security Passwords Encryption

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites proposing a fake COVID-19 information app from the World Health Organization. Pierluigi Paganini.

Passwords

Passwords DNS Malware Advertising

TeamViewer flaw can allow hackers to steal System password

Security Affairs

AUGUST 11, 2020

A severe vulnerability impacting TeamViewer for Windows, tracked as CVE 2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability ( CVE 2020-13699 ), that could be exploited by remote attackers to steal system password and potentially compromise it.

Passwords

Passwords Authentication Advertising Software

Zoom client for Windows could allow hackers to steal users’Windows password

Security Affairs

APRIL 1, 2020

The popular Zoom app is under scrutiny, experts have discovered a vulnerability that could be exploited to steal users’ Windows passwords. Security experts and privacy advocates believe that the Zoom is an efficient online video communication platform, but evidently it has some serious privacy and security solutions.

Passwords

Passwords Advertising Hacking Software

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

The experts first discovered the malware in June 2018, but it has been available since 2014, when they observed threat actors spreading it via a Microsoft Word document containing an auto-executable malicious VBA Macro. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Passwords

Passwords Spyware VPN Malware

A flaw in LastPass password manager leaks credentials from previous site

Security Affairs

SEPTEMBER 16, 2019

A flaw in LastPass password manager leaks credentials from previous site. An expert discovered a flaw in the LastPass password manager that exposes login credentials entered on a site previously visited by a user. Go to [link] , when prompted for password click the little “…” icon. Pierluigi Paganini.

Password Management

Password Management Passwords Advertising Mobile

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

AUGUST 13, 2020

The leaked data includes login names, hashed passwords, and email addresses. It is not confirmed that all of the leaked data is legitimate, anyway, experts suggest users change their password immediately. Users that share the password at another site should also change the password. Pierluigi Paganini.

Hacking

Hacking Data breaches Cybercrime Passwords

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. The dump doesn’t include Weibo users’ passwords. ” reported the website PingWest. ?????????????

Accountability

Accountability Passwords Advertising Internet

Experts uncovered hidden behavior in thousands of Android Apps

Security Affairs

APRIL 5, 2020

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. There are 7,584 apps with secret access keys, 501 apps that embed master passwords, and 6,013 apps with secret commands. Moreover, these security risks hold generally across all of our data sources.

Mobile

Mobile Passwords Advertising Firmware

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Ahead of the 2020 Presidential election a mysterious transaction was noticed by cyber security experts and researchers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

South Korean Woori Bank is accused of unauthorized use of customer data

Security Affairs

FEBRUARY 11, 2020

The bank changed 23,000 passwords in 2018 without consent. However, some branch employees of Woori Bank modified the passwords and as a result of the operation, the accounts have been reactivated. However, some branch employees of Woori Bank modified the passwords and as a result of the operation, the accounts have been reactivated.

Banking

Banking Passwords Accountability Advertising

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

The SFO ITT urges anyone who even visited either website using the Internet Explorer web browser to change the device’s password. In response to the incident, the SFO Airport reset all email and network passwords. The airport also forced a reset of all SFO related email and network passwords on Monday, March 23, 2020.”

Data breaches

Data breaches Hacking Telecommunications Advertising

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. If you use the legacy email and password login, your passwords are encrypted, but we highly encourage that you change it. We do not store any credit card or payment related information on our servers.”

Media

Media Hacking Passwords Data breaches

A data breach broker is selling account databases of 17 companies

Security Affairs

NOVEMBER 1, 2020

Users of the above companies have to immediately change their passwords, and if they use the same passwords at other sites, they should also change the password at those sites. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. .” states BleepingComputer. Pierluigi Paganini.

Data breaches

Data breaches Accountability Advertising Passwords

4 Million Quidd account details shared on hacking forums

Security Affairs

APRIL 14, 2020

Quidd , the online marketplace for trading stickers, cards, toys, and other collectibles, discloses a data breach in has suffered in 2019, it is also recommending users to change their passwords. The data breach was first reported by Risk Based Security last week, since then, Quidd has never disclosed any data breach recent security incident.

Accountability

Accountability Hacking Data breaches Passwords

Hackers exploit SQL injection zero-day issue in Sophos firewall

Security Affairs

APRIL 26, 2020

The data for any specific firewall depends upon the specific configuration and may include usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access.” ” “Passwords associated with external authentication systems such as AD or LDAP are unaffected.

Firewall

Firewall Passwords Accountability Advertising

The team behind the Joomla CMS discloses a data breach

Security Affairs

JUNE 1, 2020

Data contained in the backup includes : Full name Business address Business email address Business phone number Company URL Nature of business Encrypted password (hashed) IP address Newsletter subscription preferences. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” concludes the notification.

Data breaches

Data breaches Backups Passwords Advertising

Open Exchange Rates discloses a security breach

Security Affairs

MARCH 16, 2020

Last week, Open Exchange Rates disclosed a data breach that exposed the personal information and hashed passwords for customers of its API service. Last week, the currency data provider Open Exchange Rates has disclosed a data breach that exposed the personal information and salted and hashed passwords for customers of its API service.

Data breaches

Data breaches Passwords Advertising Accountability

Havenly discloses data breach, 1.3M accounts available online

Security Affairs

AUGUST 3, 2020

The leaked records included a login name, full name, MD5 hashed password, email address, phone number, zip, and other data related. The company has notified impacted users via email, it admitted to having recently discovered the data breach, in response to the incident it has forced a password reset.

Data breaches

Data breaches Accountability Passwords Advertising

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

. “Since the beginning of March, the number of Bruteforce.Generic.RDP attacks has rocketed across almost the entire planet” Attackers attempt to brute-force the username and password used to protect RDP access to systems exposed online, they can use combinations of random characters or leverage dictionary of most popular passwords.

Passwords

Passwords Advertising Authentication VPN

Popular Webkinz World online children’s game hacked, 23M credentials leaked

Security Affairs

APRIL 19, 2020

A hacker has leaked the usernames and passwords of nearly 23 million players of Webkinz World on a well-known hacking forum. . 22,000,000 users affected and while the database only contains username and hashed passwords, I believe it is just part of the full database that was probably taken as well. Pierluigi Paganini.

Hacking

Hacking Passwords Data breaches Advertising

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

The recent Emotet campaign uses spam messages with password-protected attachments, experts noticed a decline in infections over the weekend, a behavior already observed in the past. Emotet joined the password-protected attachment bandwagon with a campaign starting Friday. ” states the Italian CSIRT’s alert. .

Malware

Malware Passwords Advertising Ransomware

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Security Affairs

APRIL 1, 2020

In malspam attacks, attackers could encrypt the Excel file by setting up a password, then when the victims receive the email, hackers trick them into opening the attachment using a password included in the content of the message. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Passwords Encryption Advertising

Data of 21 million Mixcloud users available for sale on the dark web

Security Affairs

DECEMBER 1, 2019

The hacker access to users’ data, including usernames , email addresses, SHA-2 hashed passwords, account sign-up dates and country, the last-login date, the internet (IP) address, and links to profile photos. The majority of Mixcloud users signed up via Facebook authentication, in which cases we do not store passwords.”

Data breaches

Data breaches Passwords Advertising Hacking

Alleged Activision hack, 500,000 Call Of Duty players impacted

Security Affairs

SEPTEMBER 21, 2020

Change your Activision account passwords and add 2FA immediately. Activision accounts are apparently being leaked so change your password, although that might not even help because they're apparently generating 1,000 accounts every 10 minutes. Players are recommended to change their account passwords as soon as possible.

Hacking

Hacking Data breaches Accountability Passwords

Cisco Webex flaw allows unauthenticated remote attackers to join private meetings

Security Affairs

JANUARY 25, 2020

Cisco has addressed a high-severity flaw in the Cisco Webex video conferencing platform ( CVE-2020-3142) that could be exploited by a remote, unauthenticated attacker to enter a password-protected video conference meeting. reads the security advisory published by Cisco. Pierluigi Paganini. SecurityAffairs – Webex, hacking).

Mobile

Mobile Passwords Advertising Authentication

SANS Institute Email Breach – 28,000 User Records exposed

Security Affairs

AUGUST 12, 2020

On August 6, during a review of email configuration and rules, the staff at the SANS Institute discovered a security breach. 28,000 records of personally identifiable information (PII) have been forwarded to an unknown email address. Financial information either passwords were not impacted in the incident.

Data breaches

Data breaches Accountability Advertising Information Security

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

UberEats is an American online food ordering and delivery platform launched by Uber in 2014. “During our research process, the Cyble Research Team got hold of some informative details related to this leak.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Banking

Banking Data breaches Advertising Mobile

ShinyHunters leaked over 386 million user records from 18 companies

Security Affairs

JULY 28, 2020

The huge trove of data contains over 386 million user records, but only some of them included the user’s password. Users of the above companies are recommended to change their passwords as soon as possible, they have to change the passwords where they used the same login credentials.

Passwords

Passwords Advertising Education Banking

Aerial Direct, the O2’s largest UK partner suffered a data breach

Security Affairs

MARCH 16, 2020

. “We recently became aware that some of our customers’ personal information stored on one of our databases has been accessed without permission. To reassure you, the database did not include any passwords or financial details, such as bank account number or credit card information.” Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Passwords Advertising

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

“They are officers of the ‘Crimean’ FSB and traitors who defected to the enemy during the occupation of the peninsula in 2014. This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.” 5 members of the group have been notified of suspicion of treason.”

Government

Government Software Cyber threats Cyber Attacks

267 Million Facebook identities available for 500 euros on the dark web

Security Affairs

APRIL 20, 2020

Over 267 million Facebook profiles are offered for sale on dark web sites and hacker forums, the dump is offered for £500 ($623) and doesn’t include passwords. Hackers are offering for sale over 267 million Facebook profiles for £500 ($623) on dark web sites and hacker forums, the archive doesn’t include passwords.

Data breaches

Data breaches Passwords Advertising Phishing

A vulnerability in Zoom platform allowed miscreants to join Zoom meetings

Security Affairs

JANUARY 28, 2020

The Zoom platform hosts both password-protected virtual meetings and webinars, and sessions for non-pre-registered participants who can join the meetings by entering a unique Meeting ID (comprised of 9, 10, and 11-digit numbers). The latter case doesn’t require a password or going through the Waiting Rooms. Pierluigi Paganini.

Passwords

Passwords Advertising Accountability Hacking

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Security Affairs

AUGUST 17, 2020

These attacks, which used passwords and usernames collected from previous hacks of accounts worldwide, took advantage of the fact that many people reuse passwords and usernames across multiple accounts.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” states the press release.

Government

Government Accountability Hacking Advertising

Threat actors are offering for sale 550 million stolen user records

Security Affairs

MAY 15, 2020

million January 2014 Wego.com 6.5 million April 2014 Coubic.com 2.6 million April 2014 ClassPass.com 1.6 million January 2014 Wego.com 6.5 million April 2014 Coubic.com 2.6 million April 2014 ClassPass.com 1.6 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Advertising Passwords Hacking

Chinese smartphone vendor OnePlus discloses a new data breach

Security Affairs

NOVEMBER 23, 2019

. “We want to update you that we have discovered that some of our users’ order information was accessed by an unauthorized party.” “We can confirm that all payment information, passwords and accounts are safe, but certain users’ name, contact number, email and shipping address may have been exposed.

Data breaches

Data breaches Passwords Advertising Accountability

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Security Affairs

MARCH 10, 2020

international financial and corporate data, Personally Identifiable Information (PII), and compromised user accounts from many U.S. Individuals can also buy computer files, financial information, PII, and usernames and passwords taken from computers infected with malicious software (malware) located both in the U.S. storefront.”

Accountability

Accountability Advertising Passwords Hacking

Zerologon attack lets hackers to completely compromise a Windows domain

Security Affairs

SEPTEMBER 14, 2020

. “By forging an authentication token for specific Netlogon functionality, he was able to call a function to set the computer password of the Domain Controller to a known value. After that, the attacker can use this new password to take control over the domain controller and steal credentials of a domain admin.”

Authentication

Authentication Passwords Advertising Architecture

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Security Affairs

MARCH 17, 2020

The website was distributing a file named WSHSetup.exe, it is the downloader for both the CoronaVirus Ransomware and the Kpot password-stealer. exe,’ which is the Kpot password-stealing Trojan. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. One of these files is, ‘file1.exe,’

Ransomware

Ransomware Advertising Cryptocurrency Passwords

The forum of the popular Albion Online game was hacked

Security Affairs

OCTOBER 19, 2020

A threat actor has breached the forum of Albion Online and stole usernames and password hashes from its database. On top of that, the attacker gained access to encrypted passwords (in technical terms: hashed and salted passwords).” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Data breaches Passwords Advertising

French daily Le Figaro leaks 7.4 Billion records

Security Affairs

MAY 2, 2020

. “The server was live at the time of our investigation, leaking Personally Identifiable Information (PII) data from people accessing private accounts on Le Figaro’s news website, and in some cases, their login credentials.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Identity Theft

Identity Theft Passwords Advertising Accountability

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

FEBRUARY 20, 2020

The CVE-2020-3158 flaw is related to the presence of a system account that has a default and static password in the Smart Software Manager tool. “The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator.” Pierluigi Paganini.

Software

Software System Administration Advertising Accountability

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

According to security firm Tencent, the team of hackers has been active over the past few months by hacking into Microsoft SQL Servers (MSSQL) to install a crypto-miner. “Tencent Security Threat Intelligence Center detected a new type of mining Trojan family MrbMiner. Pierluigi Paganini. SecurityAffairs – hacking, MrbMiner).

Malware

Malware Advertising Cryptocurrency Accountability

Malware campaign attempts to evade analysis with Any.Run sandbox

Security Affairs

JULY 13, 2020

The second script is then executed and attempt to launch a version of the Azorult password-stealing Trojan, but if detects that the program is running on Any.Run it will display the message ‘Any.run Detected!’ “When the second script is run, it will attempt to launch what appears to be the Azorult password-stealing Trojan.

Malware

Malware Advertising Passwords Hacking

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Linksys force password reset to prevent Router hijacking

Trending Sources

TeamViewer flaw can allow hackers to steal System password

Zoom client for Windows could allow hackers to steal users’Windows password

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

A flaw in LastPass password manager leaks credentials from previous site

Threat actor leaked data for U.S. gun exchange site on hacking forum

538 Million Weibo users’ records being sold on Dark Web

Experts uncovered hidden behavior in thousands of Android Apps

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

South Korean Woori Bank is accused of unauthorized use of customer data

SFO discloses data breach following the hack of 2 of its websites

Asian media firm E27 hacked, attackers asked for a “donation”

A data breach broker is selling account databases of 17 companies

4 Million Quidd account details shared on hacking forums

Hackers exploit SQL injection zero-day issue in Sophos firewall

The team behind the Joomla CMS discloses a data breach

Open Exchange Rates discloses a security breach

Havenly discloses data breach, 1.3M accounts available online

RDP brute-force attacks rocketed since beginning of COVID-19

Popular Webkinz World online children’s game hacked, 23M credentials leaked

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Data of 21 million Mixcloud users available for sale on the dark web

Alleged Activision hack, 500,000 Call Of Duty players impacted

Cisco Webex flaw allows unauthenticated remote attackers to join private meetings

SANS Institute Email Breach – 28,000 User Records exposed

UberEats data leaked on the dark web

ShinyHunters leaked over 386 million user records from 18 companies

Aerial Direct, the O2’s largest UK partner suffered a data breach

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

267 Million Facebook identities available for 500 euros on the dark web

A vulnerability in Zoom platform allowed miscreants to join Zoom meetings

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Threat actors are offering for sale 550 million stolen user records

Chinese smartphone vendor OnePlus discloses a new data breach

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Zerologon attack lets hackers to completely compromise a Windows domain

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

The forum of the popular Albion Online game was hacked

French daily Le Figaro leaks 7.4 Billion records

Cisco fixes a static default credential issue in Smart Software Manager tool

New MrbMiner malware infected thousands of MSSQL DBs

Malware campaign attempts to evade analysis with Any.Run sandbox

Stay Connected