Troy Hunt

JUNE 1, 2020

closed or ia idk | BLM (@pjnkmin) May 31, 2020 Just to be clear: there's not necessarily a direct link between whoever put the video above together and the data now doing the rounds and attribution is tricky once you get a bunch of different people under different accounts and pseudonyms all flying the "Anonymous" banner.

Hacking 364

Hacking Passwords Data breaches Accountability 364

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 327

Hacking Social Engineering Phishing Scams 327

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. A screenshot of a Discord discussion between the key Twitter hacker “Kirk” and several people seeking to hijack high-value Twitter accounts.

Hacking 331

Hacking Accountability Scams Media 331

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 336

Hacking Cybercrime Phishing Passwords 336

Krebs on Security

DECEMBER 19, 2022

men have been charged with hacking into the Ring home security cameras of a dozen random people and then “swatting” them — falsely reporting a violent incident at the target’s address to trick local police into responding with force. conspired to hack into Yahoo email accounts belonging to victims in the United States.

Hacking 329

Hacking Media Passwords Accountability 329

Schneier on Security

FEBRUARY 7, 2020

Ten years ago, I wrote an essay : "Security in 2020." Well, it's finally 2020. That's IT in 2020 -- it's not under your control, it's doing things without your knowledge and consent, and it's not necessarily acting in your best interests. I think I did pretty well. Security can only be defined in relation to something else.

Advertising 279

Advertising Internet Internet Artificial Intelligence 279

Security Affairs

JANUARY 2, 2022

The Twitter account of NASA Director Parimal Kopardekar (@nasapk) was hacked by the Powerful Greek Army group. The Twitter account of the NASA Director and Sr Technologist for Air Transporation Sytem Mr. Parimal Kopardekar ( @nasapk ) was hacked by the Powerful Greek Army group. NASA Director account hacked by PGA!

Accountability 145

Accountability Hacking Banking Government 145

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. Five months later, Gunnebo disclosed it had suffered a cyber attack targeting its IT systems that forced the shutdown of internal servers.

Hacking 359

Hacking Ransomware Banking Accountability 359

Schneier on Security

FEBRUARY 10, 2023

And there are thousands of black-hat researchers who examine every line of the tax code looking for exploitable vulnerabilities—tax attorneys and tax accountants. That’s not hacking the tax code. It’s hacking the processes that create them: the legislative process that creates tax law. The tax code can be hacked.

Hacking 254

Hacking Artificial Intelligence Government Software 254

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co.,

Firewall 75

Firewall Hacking Malware Passwords 75

Malwarebytes

FEBRUARY 14, 2025

The most recent data in this database is from May 2020. Now, a cybercriminal using the monicker Jurak, leaked sensitive information related to roughly 12 million accounts, which allegedly stems from a breach that happened last year. This would be the 2nd (hacked back in 2020) major data breach for Zacks. .

Accountability 81

Accountability Data breaches Passwords Phishing 81

Schneier on Security

JANUARY 28, 2019

Further, other devices also come with secret backdoor accounts that in some cases can't be removed without a firmware update. I am less optimistic about the country's ability to secure all of this stuff -- especially before the 2020 Summer Olympics. I am interested in the results of this survey.

IoT 267

IoT Government Firmware Hacking 267

Krebs on Security

JULY 26, 2021

02, 2020, pitching him as a trustworthy cryptocurrency expert and advisor. One day after last summer’s mass-hack of Twitter , KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been involved in the incident. law enforcement officer ,” the footnote reads.

Media 351

Media Hacking Accountability Scams 351

Krebs on Security

JUNE 27, 2023

Joseph James “PlugwalkJoe” O’Connor , a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter , has been sentenced to five years in a U.S. 02, 2020, pitching O’Connor as a cryptocurrency expert and advisor. They can come arrest me.

Cryptocurrency 273

Cryptocurrency Accountability Mobile Hacking 273

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 237

Hacking Cybercrime Ransomware Government 237

The Hacker News

MAY 10, 2023

national has pleaded guilty in connection with the July 2020 Twitter attack affecting numerous high-profile accounts and defrauding other users of the platform. Department of

Hacking 116

Hacking Accountability 116

Krebs on Security

FEBRUARY 19, 2020

The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords. 10, 2020, Citrix disclosed additional details about the incident. As the Citrix hack shows, if you don’t know you should probably check, and then act on the results accordingly.

VPN 363

VPN Passwords Software Telecommunications 363

Krebs on Security

MAY 5, 2021

Also, the apps will persist in a user’s Office 365 account indefinitely until removed, and will survive even after an account password reset. “Now, they’re compromising accounts in credible tenants first,” Proofpoint explains. A cybercriminal service advertising the sale of access to hacked Office365 accounts.

Accountability 351

Accountability Advertising Passwords Phishing 351

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile 113

Mobile Telecommunications Data breaches Hacking 113

The Last Watchdog

JANUARY 25, 2021

Thanks to a couple of milestone hacks disclosed at the close of 2020 and start of 2021, they will forever be associated with putting supply-chain vulnerabilities on the map. Similarly, the SolarWinds and Mimecast hacks are precursors of increasingly clever and deeply-damaging hacks of the global supply chain sure to come.

Hacking 228

Hacking B2B Authentication Software 228

Joseph Steinberg

DECEMBER 14, 2020

A former Cisco engineer was sentenced this past Wednesday (December 9, 2020) to 24 months in prison (and a $15,000 fine) for accessing Cisco’s network, and subsequently causing a service outage of Cisco’s WebEx Teams video conferencing service. Million in damage (including $1 Million of refunds to impacted customers and $1.4

Engineering 246

Engineering Hacking Accountability Scams 246

Security Affairs

DECEMBER 23, 2024

Will Cathcart of WhatsApp called the ruling a major privacy victory, emphasizing accountability for spyware firms after a five-year legal battle. We spent five years presenting our case because we firmly believe that spyware companies could not hide behind immunity or avoid accountability for their unlawful actions.

Spyware 108

Spyware Surveillance Software Hacking 108

Krebs on Security

MARCH 15, 2021

com , a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to WeLeakInfo let someone plunder and publish account data on 24,000 customers who paid to access the service with a credit card.

Passwords 346

Passwords Accountability Hacking Data breaches 346

Security Affairs

SEPTEMBER 30, 2024

The Department of Justice charged a British national for hacking into the systems of five U.S. The Department of Justice charged the British national Robert Westbrook (39) for hacking into the systems of five U.S. From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Hacking 137

Hacking Accountability Passwords Cybercrime 137

Krebs on Security

DECEMBER 18, 2020

government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. National Security Agency (NSA) warned on Dec. ” Indeed, the NSA’s Dec.

Software 363

Software Authentication Hacking Government 363

Krebs on Security

SEPTEMBER 2, 2021

The data in this story come from a trusted source in the security industry who has visibility into a network of hacked machines that fraudsters in just about every corner of the Internet are using to anonymize their malicious Web traffic. Why go after hotel or airline rewards?

Accountability 345

Accountability Authentication Passwords Hacking 345

Krebs on Security

MARCH 17, 2021

In November 2020, KrebsOnSecurity heard from security researcher Abraham Vegh , who noticed something odd while inspecting an email from his financial institution. The messages from Netspend all were to confirm the email address tied to a new account, and concerned “me-to-me transfers” set up through its service.

Banking 349

Banking Accountability Software Mobile 349

Krebs on Security

APRIL 6, 2022

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. In fact, the group often announces its hacks on social media.

Social Engineering 291

Social Engineering Phishing Engineering Accountability 291

Krebs on Security

DECEMBER 3, 2021

Since the beginning of 2020, Babam has set up numerous auctions on the Russian-language cybercrime forum Exploit , mainly selling virtual private networking (VPN) credentials stolen from various companies. Verified was hacked at least twice in the past five years, and its user database posted online. com (2017).

Ransomware 348

Ransomware Passwords Accountability Cybercrime 348

Security Affairs

FEBRUARY 2, 2025

A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools. The HeartSender group has sold phishing tools to criminals since 2020, causing over $3 million in U.S.

Cybercrime 109

Cybercrime Advertising Phishing Hacking 109

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. The messages addressed customers by name and referenced past order numbers and payment amounts tied to each account. So hopefully by this point it should be clear why re-using passwords is generally a bad idea.

Passwords 363

Passwords Password Management Phishing Scams 363

Krebs on Security

JUNE 30, 2020

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. Image: Gemini Advisory.

Retail 347

Retail Banking Hacking Cybercrime 347

The Hacker News

DECEMBER 26, 2024

A Brazilian citizen has been charged in the United States for allegedly threatening to release data stolen by hacking into a company's network in March 2020.

Accountability 136

Accountability Hacking 136

Krebs on Security

NOVEMBER 6, 2023

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. That same email address is now tied to a Vkontakte account for an Ivan Sherban who lists his home as Saint Petersburg, Russia.

Passwords 299

Passwords Cybercrime Accountability Hacking 299

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The service now includes credentials for 441K accounts stolen by the popular info-stealer. RS is the key source of identity data sold on online criminal forums since its initial release in early 2020.

Accountability 145

Accountability Malware Data breaches Passwords 145

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams 303

Scams DDOS Cryptocurrency Accountability 303

Malwarebytes

OCTOBER 15, 2024

Unlike any other season in America, election season might bring the highest volume of advertisements sent directly to people’s homes, phones, and email accounts—and the accuracy and speed at which they come can feel invasive. Escaping this data collection regime has proven difficult for most people.

Scams 138

Scams Identity Theft Cybercrime Accountability 138