Security Affairs

JANUARY 19, 2020

This is the biggest leak of Telnet passwords even reported. The list includes the IP address, username and password for the Telnet service for each device. The list appears to be the result of an Internet scan for devices using default credentials or easy-to-guess passwords. ” reported ZDNet. ” reported ZDNet.

IoT 128

IoT DDOS InfoSec Internet 128

Security Affairs

JANUARY 2, 2021

The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017. “Ticketmaster Used Passwords Unlawfully Retained by a Former Employee of a Competitor to Access Computer Systems in Scheme to “Choke Off” the Victim’s Business” wrote the DoJ.

Hacking 128

Hacking Passwords Accountability Cybercrime 128

Malwarebytes

JANUARY 16, 2024

On January 4, 2017, Case Western Reserve University (CWRU), located in Cleveland, Ohio, became aware of an infection on more than 100 of its computers. The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. This can take years, however.

Malware 127

Malware Passwords Identity Theft Data collection 127

Security Affairs

JANUARY 7, 2024

Researchers from Dutch security firm Hunt & Hackett observed Sea Turtle cyber espionage group (aka Teal Kurma, Marbled Dust, SILICON and Cosmic Wolf) targeting telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns.

Media 143

Media Accountability Telecommunications Government 143

Security Affairs

AUGUST 27, 2019

. “Here is what we know about the situation today: On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017. Elements of our Incapsula customer database through September 15, 2017 were exposed.

Data breaches 111

Data breaches Firewall Passwords Advertising 111

Security Affairs

OCTOBER 14, 2019

“Here is what we know about the situation today: On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017. Elements of our Incapsula customer database through September 15, 2017 were exposed.

Firewall 102

Firewall Passwords Accountability Data breaches 102

Security Affairs

AUGUST 7, 2019

This kind of attacks is very efficient due to the bad habit of users of reusing the same password over multiple services. During our investigation, we determined that the bad actor possessed the user ID and password for your State Farm online account.” The experts detected 8.3 billion per month.

Insurance 110

Insurance Data breaches Financial Services Passwords 110

Security Affairs

AUGUST 16, 2024

Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise them. ” reads the report. ” reads the report.

Hacking 145

Hacking Firmware Mobile Penetration Testing 145

Security Affairs

DECEMBER 24, 2020

91541, 91534 CVE-2014-1812 05/13/2014 Microsoft Windows Group Policy Preferences Password Elevation of Privilege Vulnerability (KB2962486) 9 91148, 90951 CVE-2020-0688 02/11/2020 Microsoft Exchange Server Security Update for February 2020 8.8

Hacking 132

Hacking Cyber Attacks Passwords Software 132

Security Affairs

OCTOBER 7, 2019

The StreetEasy data breach took place in the mid-2016 and exposed 988k records that included names, usernames, email addresses and SHA-1 password hashes. Impacted data includes names, usernames, email addresses and SHA-1 password hashes. “In approximately January 2017, the beauty store Sephora suffered a data breach.

Data breaches 105

Data breaches Passwords Advertising Cybercrime 105

Security Affairs

AUGUST 9, 2022

The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability. The CVE-2017-11882 flaw is a memory-corruption issue that affects all versions of Microsoft Office released between 2000 and 2017. The vulnerability affects the MS Office component EQNEDT32.EXE

Encryption 133

Encryption Antivirus Malware Hacking 133

Security Affairs

MAY 15, 2020

million January 2017 CafeMom.com 2.6 million October 2017 ModaOperandi.com 1.3 Those who have their account exposed in one of the above incidents are recommended to change their password. million April 2018 Netlog.com (Twoo.com) 57 million November 2012 Dubsmash.com Phone numbers 47.1 million December 2018 CafePress.com 23.6

Data breaches 139

Data breaches Advertising Passwords Hacking 139

Security Affairs

DECEMBER 29, 2021

The spear-phishing messages use a password-protected ZIP or RAR attachment and the password is included in the content of the email. ” reads the analysis published by NTT Security. checks whether both username and password are filled in a dialog as an additional feature before clicking the OK button.”

Malware 145

Malware Phishing Passwords Media 145

Security Affairs

JUNE 4, 2021

Talos experts noticed that a version released on May 18 included Python versions of EternalBlue ( CVE-2017-0144 ) and EternalRomance ( CVE-2017-0147 ) exploits with a Windows download command line as the payload. ” reads the analysis published by Talos.

Malware 134

Malware Passwords DDOS IoT 134

Security Affairs

JUNE 26, 2020

Schuchman, Vamp, and Drake created the Satori botnet in between July and August 2017. The first Satori iteration targeted devices running with factory-settings or protected with easy-to-guess passwords, the bot infected over 100,000 devices in its first month. the man also claimed that the botnet was capable of DDoS attacks of 1Tbps.

DDOS 145

DDOS IoT Advertising Internet 145

Security Affairs

DECEMBER 22, 2022

Experts observed the bot attempting to gain access to the device by using a combination of eight common usernames and 130 passwords for IoT devices over SSH and telnet on ports 23 and 2323. Adopt a comprehensive IoT security solution. Zerobot was also observed spreading by exploiting dozens of vulnerabilities, the version Zerobot 1.1

IoT 134

IoT DDOS Malware Firmware 134

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Recently, a new infection vector that cracks Windows machines through SMB password brute force is on the rise” reads the analysis published by AVAST.

DNS 145

DNS Internet Internet Malware 145

Security Affairs

NOVEMBER 5, 2021

This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.” In the period 2017-2021 this group implemented the most numerous cyberintelligence actions on various vectors of public administration. .” reads the announcement published by the SSU. “The SSU Cyber ??

Government 143

Government Software Cyber threats Cyber Attacks 143

Security Affairs

SEPTEMBER 13, 2021

. “An attacker-controlled webpage can know which other pages from the same websites a user is currently browsing, retrieve sensitive information from these pages, and even recover login credentials (e.g., to recover the password. ” The experts deployed Spook.js In another attack scenario, the researchers packaged Spook.js

Passwords 108

Passwords Hacking Technology Information Security 108

Security Affairs

MAY 27, 2022

This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations.” Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means.

Cybercrime 145

Cybercrime Education Accountability Phishing 145

Security Affairs

JUNE 24, 2019

US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying , credential stuffing , and spear-phishing. Want to know more about password spraying and how to stop it? 2017- NotPetya leveraged the EternalBlue exploit to spread to vulnerable systems.

Backups 110

Backups Advertising Passwords Accountability 110

Security Affairs

DECEMBER 11, 2019

Penetration testing firm Fidus Information Security discovered over 752,000 birth certificate applications that have been exposed online due to an unsecured AWS bucket. . “The bucket wasn’t protected with a password, allowing anyone who knew the easy-to-guess web address access to the data.”

Penetration Testing 98

Penetration Testing Advertising Authentication Passwords 98

Security Affairs

NOVEMBER 22, 2019

Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil. The banking trojan is able to record keystrokes, to steal passwords stored on the PC, and take screenshots and videos from the victims’ machine. LISOV had administrative-level access to those computer servers.”

Banking 133

Banking Malware Advertising Passwords 133

Security Affairs

OCTOBER 6, 2020

An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory. The first MuddyWater campaign was observed in late 2017 when targeted entities in the Middle East.

Authentication 142

Authentication Advertising Architecture Cyber Attacks 142

Security Affairs

FEBRUARY 2, 2024

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The malware uses exploits for known vulnerabilities and password brute-forcing attacks for self-propagation.

Malware 141

Malware Internet Internet DDOS 141

Security Affairs

AUGUST 2, 2020

This week, the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint advisory about a massive ongoing campaign spreading the QSnatch data-stealing malware. Install and update Security Counselor. Avoid using default ports (i.e.

Malware 126

Malware Advertising Passwords Manufacturing 126

Security Affairs

OCTOBER 9, 2022

In total, the database leaked over 152,000 pieces of information pertaining to customers, such as emails, names, links to LinkedIn, Twitter, and Facebook profiles, and hashed passwords. The instance also contained 15 employee emails, names, and passwords protected by a weak SHA1-128bit hash. Dangerous leak.

Ransomware 118

Ransomware Passwords Encryption Identity Theft 118

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking 104

Hacking DNS Cryptocurrency Accountability 104

Security Affairs

JULY 14, 2020

According to MGM Resorts, the data was old, none of the customers in the archive stayed at the hotel past 2017. The company excluded that hackers have stolen financial and payment card data or passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches 145

Data breaches Advertising Hacking Cybercrime 145

Security Affairs

JUNE 14, 2019

Experts at Dragos firm reported that Xenotime threat actor behind the 2017 Trisis/Triton malware attack is targeting electric utilities in the US and APAC. Xenotime threat actor is considered responsible for the 2017 Trisis/ Triton malware attack that hit oil and gas organizations. continues the report.

Malware 110

Malware Advertising Authentication Passwords 110

Security Affairs

OCTOBER 17, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. POEMGATE is a malicious PAM module that is used by attackers to authenticate with a statically determined password and saves logins and passwords entered during authentication in a file in XOR-encoded form.

Telecommunications 139

Telecommunications Authentication Data collection Passwords 139

Security Affairs

MARCH 8, 2020

The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017. The commands include instructing the malware to download and execute files, start processes, shutdown and reboot the system, and steal cookies and local passwords.”

Malware 145

Malware Scams Social Engineering Phishing 145

The Last Watchdog

OCTOBER 15, 2018

You’ll recall that in the OPM breach , the cyber intruders stole a a staggering amount of highly sensitive information – deep personnel records for 21.5 In that caper, criminals got away with Social Security numbers, passwords, and in some cases, fingerprints. million federal employees and contractors. Cross-referencing.

Risk 133

Risk Government Cyber Attacks Authentication 133

Security Affairs

APRIL 12, 2024

TA547 is a financially motivated threat actor that has been active since at least November 2017, it was observed conducting multiple campaigns to deliver a variety of Android and Windows malware, including DanaBot , Gootkit , Lumma stealer , NetSupport RAT , Ursnif , and ZLoader.

Malware 140

Malware Social Engineering Retail Engineering 140

Security Affairs

FEBRUARY 11, 2020

In the OT attacks observed by IBM researchers, hackers attempted to exploit a combination of known ICS/SCADA vulnerabilities, as well as password-spraying attacks. In June 2019, experts from Dragos firm reported that Xenotime threat actor behind the 2017 Trisis/Triton malware attack was targeting electric utilities in the US and APAC.

Advertising 140

Advertising Malware IoT Technology 140

Security Affairs

JUNE 21, 2020

The United States has deported the computer programmer Stanislav Vitaliyevich Lisov (35) to Russia, he is the author of NeverQuest banking malware, Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil.

Banking 138

Banking Malware Advertising Hacking 138

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. The sample spreads via Telnet with weak passwords and some known exploits (see the list below).

IoT 145

IoT DDOS Architecture Passwords 145